My understanding is during a signup, the password is saved as hash.
When the user logs in, the text input password is converted into hash and then this hash is checked with the one in database. If both matches, access granted.
How does salt come into play in all of this, and if salt changes everyday, then the hash should be different every other day for the same text.
Please correct me wherever I am wrong.
My understanding is during a signup, the password is saved as hash.
When the user logs in, the text input password is converted into hash and then this hash is checked with the one in database. If both matches, access granted.
How does salt come into play in all of this, and if salt changes everyday, then the hash should be different every other day for the same text.
Please correct me wherever I am wrong.
The salt is random. You save the salt too with your password. However, you hide the hashing algorithm.
Agreed !