Are hashed and salted passwords secure against dictionary attacks?

Question

I understand that salts make the same password hash to different values. However, salts are usually stored in the database with the password. So let\'s say I am attacker,

Answer 1

That's correct. If someone got the password material, a dictionary attack would be effective.

To guard against this:

• Make sure your passwords aren't subject to dictionary attacks.
• Make sure your password file (/etc/shadow) is readable only by root.