This content has been marked as final.
Show 2 replies
-
1. Re: Best place to store password salt?
kapitanpetko Jul 9, 2009 4:15 PM (in response to boomerbrian.brian.abston.featurenotbug.com)Static salt wouldn't make much sense: it would make generating a rainbow table quite easy. Seam will generate random
salt for you, you should use that.Some people advocate separating the salt (like in a different table), but the advantage is negligible, IMHO. If someone
gets into your database, chances are they will get all the data. Btw, if you use Seam security, the salt and hash need to be
in the same table. -
2. Re: Best place to store password salt?
boomerbrian.brian.abston.featurenotbug.com Jul 9, 2009 4:50 PM (in response to boomerbrian.brian.abston.featurenotbug.com)That makes sense and very good points.
Thanks,
BRian