Salt
ELI5 — The Vibe Check
A salt is random gibberish you add to a password before hashing it so two people with the same password get completely different hashes. Without salt, hackers could pre-compute a giant table of common password hashes and look yours up instantly. Salt ruins that plan.
Real Talk
A cryptographic salt is a random, per-password value that is combined with the password before it is hashed. Because every user gets a different salt, identical passwords produce different stored hashes, so an attacker cannot precompute a table of hashes for common passwords (a rainbow table) and reuse it against every account; each hash has to be attacked individually. The salt is not a secret: it is stored in plaintext next to the hash, usually in the same database field. It should come from a cryptographically secure random number generator and be long enough (16 bytes is the usual recommendation) that two users are never assigned the same salt. A salt does not make a weak password strong; it only removes the attacker's shortcut, which is why it is always paired with a deliberately slow hash such as bcrypt.
Show Me The Code
// bcrypt generates and embeds a random salt for you; passing the cost
// factor straight to hash() is the usual one-step form.
import bcrypt from 'bcrypt'; // top-level await needs an ES module
const saltRounds = 10; // cost factor: each +1 doubles the work
const hash = await bcrypt.hash('password123', saltRounds);
// Explicit two-step form, same result:
const salt = await bcrypt.genSalt(saltRounds);
const hash2 = await bcrypt.hash('password123', salt);
// The salt is embedded in the resulting 60-char hash string:
// $2b$10$<22-char salt><31-char hash>
// Verification: bcrypt reads the salt back out of the stored hash
const ok = await bcrypt.compare('password123', hash); // true
When You'll Hear This
"Make sure you're salting passwords before hashing." / "bcrypt handles salt automatically, don't roll your own."
Related Terms
Bcrypt
Bcrypt is a widely recommended password hasher that is intentionally slow and generates and stores its own salt.
Hashing
Hashing is a one-way blender for data. You throw a password in, it spits out a weird string of letters and numbers, and there's no way to reverse it.
Password Manager
A password manager remembers all your passwords so you don't have to reuse the same one everywhere.