If I make the SALT random for each user, how do I authenticate them?

Question

I\'ve been reading up on the benefits of salting and hashing passwords, but one thing still eludes me...

When I provide a random salt for each user, how do I then know

Answer 1

You do not need a separate salt for every password.

The purpose of salting is to resist rainbow tables -- you convert a candidate password into a new string that has your salt in it; since the salt is some private string only you possess, knowing the hash of a salted password will not help an attacker who has a run of the mill rainbow table.

A clever attacker can try to build a custom rainbow table just for your service by creating an account, and changing his password to observe what the resulting hash is. If the salt is the same for every user, then when he sees that the hash "xyz123" corresponds to "apple", and notices that another user's hash is also "xyz123", he can conclude that that user's password is "apple". This is the point where most people decide to store a unique salt for each user.

However, this is unnecessary. You already have a unique string for each user -- the username. It's not secret, so it is not a good salt; however the concatenation of the username and a global secret salt is both secret and unique. If you store the hash of (username+salt+password), you only need to know the single global salt value at lookup time.

(it's true that this poses a greater risk if someone leaks the single global salt. But it's a technique worth considering).