Using Random Salts to Prevent Rainbow Attacks


What is a salt?

A salt is a random value added to a password before hashing it.

Instead of hashing just:

password123

we can hash:

password123 + random salt

Is salting necessary?

Yes, because hashes are deterministic:

Same input → same hash

Without a salt:

  • Every user with password123 gets the same hash
  • Attackers can pre-compute huge lists of: password → hash
  • These lists are called Rainbow Tables

Understanding the rainbow table attack

A rainbow table is a massive lookup table of:

common password → precomputed hash

If an attacker steals your password database:

  • They don’t guess passwords one by one
  • They just look up the hash, which results in an instant compromise.

The solution is a unique salt per password:

Each user gets a different random salt.

Even though the password is the same:

  • Hashes are completely different
  • Rainbow tables become useless

An attacker would need:

A separate rainbow table for every salt, which is computationally infeasible.

Best Practices:

Important: Salt ≠ Secret
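The per-user salting described above, and the point that the salt is stored in the clear next to the hash, as an added example (not code from the original article). It uses PBKDF2-HMAC-SHA256 from Python's standard library as the password hash, which is this example's choice rather than anything the article prescribes; the "rainbow table" is a constructed three-entry dictionary standing in for a real precomputed table.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

# Constructed stand-in for a rainbow table: unsalted SHA-256 of a few common passwords.
COMMON_PASSWORDS = ["password123", "letmein", "qwerty"]
RAINBOW_TABLE = {hashlib.sha256(p.encode()).hexdigest(): p for p in COMMON_PASSWORDS}

ITERATIONS = 200_000  # PBKDF2 work factor; assumed value for the demo, tune upward in production

def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). A fresh 16-byte random salt is drawn unless one is supplied."""
    if salt is None:
        salt = secrets.token_bytes(16)  # CSPRNG, unique per stored password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute with the stored (non-secret) salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, digest)

def rainbow_lookup(stored_hex: str) -> Optional[str]:
    """What an attacker holding a stolen hash tries first: a direct table lookup."""
    return RAINBOW_TABLE.get(stored_hex)

def demo() -> dict:
    """Two users pick the same password; each record stores its own salt beside the digest."""
    salt_a, hash_a = hash_password("password123")
    salt_b, hash_b = hash_password("password123")
    unsalted_hex = hashlib.sha256(b"password123").hexdigest()
    return {
        # same password, different salts -> different hashes
        "same_password_different_hash": hash_a != hash_b,
        # the unsalted hash is found instantly in the precomputed table
        "unsalted_lookup_hits": rainbow_lookup(unsalted_hex) == "password123",
        # the salted hash is not in any precomputed table
        "salted_lookup_hits": rainbow_lookup(hash_a.hex()) is not None,
        # login still works because the salt is stored with the hash
        "verify_ok": verify_password("password123", salt_a, hash_a),
        "verify_wrong": verify_password("password124", salt_a, hash_a),
    }
```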
