I want to make a secure website. Is updating the password salt every time a user logs in a good idea?
Edit: I additionally use a global salt, which is hard coded.
It is important to note that each user's password should have its own unique salt; otherwise, the salting process simply makes the password longer without impeding hackers' attacks. With an additional step of salting, the authentication process will be a little bit different.
By using usernames as salts, we provide attackers with enough information ahead of time to weaken the system's security. With random salts, work to crack the password hashes can only begin after the target system has been compromised.
A cryptographic salt is made up of random bits added to each password instance before its hashing. Salts create unique passwords even in the instance of two users choosing the same passwords. Salts help us mitigate hash table attacks by forcing attackers to re-compute them using the salts for each user.
Salting prevents hackers who breach an enterprise environment from reverse-engineering passwords and stealing them from the database. Password salting increases password complexity, making them unique and secure without affecting user experience.
No, it makes no sense at all.
The purpose of salting hashes is to make them unique even if the original password is the same. This avoids e.g. rainbow table attacks or re-using a stolen hash on another website where the hash is sufficient to log in (happens with bad remember-me implementations).
Assume an attacker got the stored password hash from your database. This usually means that he knows both the salt and the final hash. Now he can already brute-force this single password. Assuming there are no collisions, he'll end up with the actual password of the user when the brute-force attack succeeds. And that one will work no matter what salt is used at this moment.
For more information about salting, I suggest you read this excellent answer on IT Security.
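The point made in the answer above, as an added example that is not part of the original post: a record copied before a login stays testable offline after the salt is rotated, and the password recovered from it still passes verification against the new record. PBKDF2-HMAC-SHA256, the iteration count, the function names and the sample passwords are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this example


def make_record(password: str) -> dict:
    """Hash a password with a fresh random per-user salt."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "hash": digest}


def verify(password: str, record: dict) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), record["salt"], ITERATIONS)
    return hmac.compare_digest(digest, record["hash"])


def login_and_resalt(password: str, record: dict):
    """The scheme from the question: on successful login, replace salt and hash."""
    return make_record(password) if verify(password, record) else None


def offline_guess(stolen: dict, candidates: list):
    """What a leaked (salt, hash) pair allows: checking guesses without the server."""
    for guess in candidates:
        if verify(guess, stolen):
            return guess
    return None


def demo() -> dict:
    alice = make_record("correct horse")  # constructed sample password
    bob = make_record("correct horse")    # second user, same password
    stolen = dict(alice)                  # database copy taken before the next login
    alice = login_and_resalt("correct horse", alice)
    recovered = offline_guess(stolen, ["123456", "letmein", "correct horse"])
    return {
        "same_password_distinct_hashes": alice["hash"] != bob["hash"],
        "record_changed_after_login": alice["hash"] != stolen["hash"],
        "recovered_from_old_record": recovered,
        "recovered_works_on_new_record": verify(recovered, alice),
    }


if __name__ == "__main__":
    print(demo())
```

What limits the offline guessing is the cost of each hash computation and the strength of the password, neither of which changes when the salt is rotated.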