
Excuse me for my ignorance if incorrect, but if a unique salt is used for each user, and the salts were not compromised, would it then not be possible for the passwords to be cracked no matter what encryption is used?


My post was meant as a reply to the comment by psycr and I just moved it there.

My - and a very often valid - assumption is that unique per-user salts are stored together with the username and hash. Distributing this information across different systems will make it harder for attackers, but such schemes are not very common. There is also the risk that the weakness that enables an attacker to compromise one part of the information will also enable them to compromise the other part(s). Therefore it is probably a good idea to use systems as different as possible to store the different parts, for example two different database systems from different vendors.


Unique salts have to be stored somewhere. A common practice is to just use another piece of information associated with their account. The purpose of a salt is to make various bruteforcing attacks difficult. It doesn't do much if someone has full access to a system.


> Unique salts have to be stored somewhere. A common practice is to just use another piece of information associated with their account. The purpose of a salt is to make various bruteforcing attacks difficult.

All absolutely true.

> It doesn't do much if someone has full access to a system.

Not true. Without salt they can try passwords and if the hash matches ANY in the system they know the password for those accounts. With a big dictionary of likely passwords (or just normal words) many passwords will be discovered very quickly.

With salt you have to try the password dictionary against EACH user (actually each salt value but they should be unique). This makes discovering passwords harder by a factor of the number of users. Yes you can pick any user and run the dictionary and have a good chance of finding the password but you have to expend large computing resource for little reward (possibly worth it to break a bank account but not the average web app).
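
Added example, not part of the thread: a weak-password audit run against an unsalted and a per-user-salted copy of the same store, counting hash evaluations to show the "factor of the number of users" described in the comment above. The accounts, wordlist and function names are constructed for illustration, and a single SHA-256 stands in for whatever hash the store uses.

```python
import hashlib
import os

# Constructed sample accounts and wordlist (not from the thread).
USERS = {"alice": "sunshine", "bob": "sunshine", "carol": "dragon", "dave": "x9$Lq!7vTz"}
WORDLIST = ["password", "dragon", "letmein", "sunshine", "qwerty"]

def digest(password, salt=b""):
    # One SHA-256 keeps the count easy to follow; a real store would use a slow KDF.
    return hashlib.sha256(salt + password.encode()).hexdigest()

def build_unsalted(users):
    return {user: (b"", digest(pw)) for user, pw in users.items()}

def build_salted(users):
    store = {}
    for user, pw in users.items():
        salt = os.urandom(16)  # unique per user, stored next to the hash
        store[user] = (salt, digest(pw, salt))
    return store

def audit(store, wordlist):
    """Weak-password audit. Returns (matches, number of hash evaluations)."""
    by_salt = {}
    for user, (salt, stored) in store.items():
        by_salt.setdefault(salt, {}).setdefault(stored, []).append(user)
    matches, evaluations = {}, 0
    for salt, digests in by_salt.items():
        for word in wordlist:
            evaluations += 1  # one hash per (salt, candidate) pair
            for user in digests.get(digest(word, salt), []):
                matches[user] = word
    return matches, evaluations

def shared_digest_groups(store):
    """Users whose stored digests are identical (visible password reuse)."""
    groups = {}
    for user, (_, stored) in store.items():
        groups.setdefault(stored, []).append(user)
    return [sorted(g) for g in groups.values() if len(g) > 1]

if __name__ == "__main__":
    for name, store in (("unsalted", build_unsalted(USERS)), ("salted", build_salted(USERS))):
        matches, evaluations = audit(store, WORDLIST)
        print(name, evaluations, "hashes,", len(matches), "weak,", shared_digest_groups(store))
```

Both runs flag the same three weak accounts, but the salted store costs one pass of the wordlist per distinct salt, and it no longer reveals that two accounts share a password.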


The only real advantage you gain from a salt these days is that a precompiled database of hashes can't be used against you. Whether it be from someone's personal collection or one of those web-based hash sites.

Generating a rainbow table for each user isn't that much more difficult or time-consuming than having a single rainbow table. Processing power is cheap and easy to come by these days. A small botnet can be rented to generate rainbow tables at a faster rate than most supercomputers.



