Is it okay to store salts with hashes?


My understanding is that a salt is not intended to be secret, it is merely intended to be different from any centralized standard so that you can't develop a rainbow table or s

7 answers
  •  面向向阳花
    2021-02-01 19:09

    Your second solution "Have a salt per password stored" is the right one and typically used.

    The "Salt" is primarily there to make it difficult to detect when two users have the same password - so you mix a known "Salt" into the password. The salt needs to be gettable at password check time.

    So typically either you generate a random salt and store it with the password OR you use some other identifier (user ID, username etc) as the salt.
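The first option in the answer above (a random salt per password, stored next to the hash and read back at check time), as an added example that is not part of the original answer. The record layout `iterations$salt$hash`, the function names, and the choice of PBKDF2-HMAC-SHA256 with this iteration count are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 200_000  # assumed work factor for this example; tune for your hardware
SALT_BYTES = 16       # assumed salt length


def hash_password(password: str) -> str:
    """Return one storable record: 'iterations$salt_hex$hash_hex'."""
    salt = secrets.token_bytes(SALT_BYTES)  # fresh random salt for every password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    # The salt is stored in the clear beside the hash; it is not a secret.
    return f"{ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Re-derive the hash with the salt taken from the stored record."""
    try:
        iterations_s, salt_hex, hash_hex = record.split("$")
        iterations = int(iterations_s)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(hash_hex)
    except ValueError:
        return False  # malformed record: wrong field count or non-hex data
    if iterations < 1:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(candidate, expected)


def demo() -> dict:
    """Constructed sample: two users who picked the same password."""
    return {
        "alice": hash_password("correct horse battery staple"),
        "bob": hash_password("correct horse battery staple"),
    }


if __name__ == "__main__":
    for user, record in demo().items():
        print(user, record)  # same password, different salt and hash per user
```

Because each record carries its own salt, the two stored values differ even though the passwords are identical, and verification needs nothing beyond the record itself.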
