if the salt is random, how do we reliably generate the same salt value
I was confused about this as well. You store the hash of the random, long salt in the user table right next to the hash of the password. It’s not a secret, so you don’t have to hide it.
I thought the main idea was that if the database is compromised that the salt would help protect the hashed passwords. If you store the hashed salt in the database, then the salt is no safer than your hashed passwords.
So this really presents a two simple scenarios.
-
Entire application is compromised, source, database, everything. In this case you’re totally screwed and you need to roll over to a backup plan.
-
Just the database is compromised. If you store a hash of the random salt in the database it’s not clear to me how you can determine what the original salt was so that means the algorithm is a simple concatenation. salt + password or password + salt. You cannot create a more complex algorithm than that unless you have a way of determining what the salt is. If you store the password plain text you’re almost better off because now you need to account for the salt as a split string and the attacker has no way of knowing short of compromising the app how to shortcut his way past combining the salt and password.