I've been reading up on the benefits of salting and hashing passwords, but one thing still eludes me...
When I provide a random salt for each user, how do I then know
When creating the hashed password, you should use a "double" salt.
Create a salt (random md5 or sha1), then use a format something like sha1("--$password--$salt--"), and then store the hashed password and salt in the database.
Then, when authenticating, you recreate the hash from the --$pass--$salt-- string and compare it to the pass stored in the db.
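
The store-then-recompute flow described in the answer above, as an added example that is not part of the original post. It uses PBKDF2-HMAC-SHA256 from Python's standard library in place of the single sha1() call, and a constant-time comparison; the function names, the record layout (a dict standing in for a database row) and the iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Assumed work factor for this example; tune it for your own hardware.
ITERATIONS = 600_000


def _derive(password: str, salt: bytes, iterations: int) -> bytes:
    """Slow, salted hash of the password (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def create_record(password: str, iterations: int = ITERATIONS) -> dict:
    """Registration: pick a fresh random salt and return the row to store.

    The salt is not secret. It is saved in clear next to the hash, which is
    how the server knows which salt to use when the user logs in later.
    """
    salt = os.urandom(16)
    return {
        "salt": salt.hex(),
        "iterations": iterations,
        "hash": _derive(password, salt, iterations).hex(),
    }


def verify(password: str, record: dict) -> bool:
    """Login: read this user's salt from the stored row, recompute, compare."""
    salt = bytes.fromhex(record["salt"])
    candidate = _derive(password, salt, record["iterations"])
    # compare_digest avoids leaking how many leading bytes matched.
    return hmac.compare_digest(candidate, bytes.fromhex(record["hash"]))


if __name__ == "__main__":
    # Constructed sample data: two users who chose the same password.
    db = {name: create_record("correct horse") for name in ("alice", "bob")}
    print("same stored hash:", db["alice"]["hash"] == db["bob"]["hash"])
    print("alice, right password:", verify("correct horse", db["alice"]))
    print("alice, wrong password:", verify("battery staple", db["alice"]))
```
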