A SALT in password hashing is
Aa kitchen flavour enhancer only
Ba backup of the original password
Ca faster hash algorithm variant
Drandom per-user value mixed into hash input
Answer & Solution
Correct answer: D. random per-user value mixed into hash input
1. SALT: a random value added to a password before hashing. Each user gets a UNIQUE salt.
2. PURPOSE 1: prevents RAINBOW TABLES — precomputed tables that map common password hashes back to plaintexts. With a unique salt, a rainbow table for plain 'password123' is useless.
3. PURPOSE 2: prevents identifying that two users have the SAME password (their salted hashes differ).
4. The salt is stored ALONGSIDE the hash in the database; it doesn't need to be secret, just unique and random.
5. Modern password hashing functions (bcrypt, Argon2, scrypt) embed a salt automatically — but legacy systems need explicit salt handling.
_Source: NIST SP 800-63B (Digital Identity Guidelines) + Boneh & Shoup §8.2._
Related questions
RSA encryption with PKCS#1 v1.5 padding is now consideredFORWARD SECRECY in TLS meansA CERTIFICATE AUTHORITY (CA) in PKI does what?TLS (Transport Layer Security) uses a HYBRID encryption scheme. Why?An HMAC (Hash-based Message Authentication Code) providesWhich block cipher mode is INSECURE and should NEVER be used because it leaks PATTERNS in Which hash algorithm is considered DEPRECATED / WEAK and should NOT be used for new applicDIFFIE-HELLMAN key exchange allows two parties to