What is salting in cryptography? | Why do we need salting when saving passwords in the database? (Simple Explanation)

Salting means adding random data to the plaintext (for example, a password) and then hashing that combination. As a result, the same plaintext can produce different hashes.

Why do we need salting when saving passwords in the database? A hash function is deterministic: given the same input, it always produces the same output, so a hash on its own is not unique to each user. We need salting because the same hash function produces the same output for the same input.

Let's take an example: an attacker exploits a SQL injection vulnerability in a website and dumps all the credentials from the database. Usernames are mostly unique if the application uses a username and password for authentication, but many users may have the same password. This means that the hash stored in the database is also the same for the same password if they are not usi