ADEKOLA Abdwahab

Password Security: Dynamic Salt

It is good to salt your password with a static salt.

It is good to hash your salted password.

But it is not so difficult for attackers to breach these methods.

To add an extra layer of security, the principle of DYNAMIC SALTING emerged.

Dynamic salting is the act of using a different salt for each user. A new salt is generated each time a password has to be saved, whether through a password reset or a new signup.

How can you implement DYNAMIC SALT/SALTING as a developer?

Here are 5 simple steps to achieve strong password security via dynamic salting:

A. For new signup

  1. get the user's password (e.g. myP@$swaRd)
  2. generate a new salt (e.g. 8jdn*nY4rg^s@1)
  3. salt the password to give 8jdn*nY4rg^s@1myP@$swaRd (you can put the password first; the order does not matter)
  4. then hash the password, to give something like c150eb6c1b776f390be60a0a5933a2a2f8c0a0ce766ed92fea5bfd9313c8f
  5. save the hash to the DB, and also save the salt to the DB in this user's record

B. To authenticate (confirm) a user

  1. get the email and password a user is trying to log in with
  2. use the email to retrieve the salt from the DB
  3. use the retrieved salt to salt the inputted password.
  4. using the same formula you used when creating the password as a new user, hash the result of step 3
  5. compare the result of step 4 with the password you retrieved in step 1
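
Procedures A and B in Python, added here as an example and not the author's own code. It assumes an in-memory dict in place of the database and uses the standard library's PBKDF2-HMAC-SHA256 (which takes the salt as its own argument) in place of a single hash over the concatenated string, comparing against the hash stored at signup; the names `users`, `derive`, `signup`, `reset_password`, `authenticate` and the iteration count are assumptions of this example.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256; tune for your hardware
users = {}            # stands in for the users table: email -> (salt, hash)


def derive(password: str, salt: bytes) -> bytes:
    # PBKDF2 mixes the salt in itself, replacing the manual salt + password join.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def signup(email: str, password: str) -> None:
    # Part A, steps 1-5: fresh random salt per saved password, store salt and hash.
    salt = secrets.token_bytes(16)
    users[email] = (salt, derive(password, salt))


def reset_password(email: str, new_password: str) -> None:
    # A reset is another "password has to be saved" event, so the salt is replaced.
    signup(email, new_password)


def authenticate(email: str, password: str) -> bool:
    # Part B: look up the salt by email, re-derive, compare with the stored hash.
    record = users.get(email)
    if record is None:
        # Unknown email: still do the work so timing does not reveal which emails exist.
        derive(password, b"\x00" * 16)
        return False
    salt, stored_hash = record
    # Constant-time comparison of the two hashes.
    return hmac.compare_digest(derive(password, salt), stored_hash)


if __name__ == "__main__":
    # Constructed sample accounts, not real data.
    signup("alice@example.com", "myP@$swaRd")
    signup("bob@example.com", "myP@$swaRd")
    # Same password, different salts, so the stored hashes differ.
    print(users["alice@example.com"][1] != users["bob@example.com"][1])
    print(authenticate("alice@example.com", "myP@$swaRd"))
    print(authenticate("alice@example.com", "wrong-guess"))
```

Because both accounts get their own salt, one precomputed table or one cracked hash does not carry over from one user's record to another's, even when the passwords are identical.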

Voila!!

Follow and tweet @wahabind
