The salt isn’t “random each time” in most systems. A random salt is randomly chosen when the password is set, and stored with the hash. “Entered password” + “stored salt” is the input to the hash function. Salt is prevention against dictionary attacks where evildoers have hashed oodles of common passwords before hand, and are just checking for a hash answer that matches something in their table.
Latest Answers