Password salting adds additional characters to passwords before hashing them, and prevents many types of attacks, including dictionary, brute force, and rainbow table attacks.

In cryptography, a salt is random data that is used as an additional input to a one-way function that “hashes” a password or passphrase. Salts are closely related to the concept of nonce. The primary function of salts is to defend against dictionary attacks versus a list of password hashes and against pre-computed rainbow table attacks.

A new salt is randomly generated for each password. In a typical setting, the salt and the password are concatenated and processed with a cryptographic hash function, and the resulting output (but not the original password) is stored with the salt in a database.

Hashing allows for later authentication while protecting the plaintext password in the event that the authentication data store is compromised.

Cryptographic salts are broadly used in many modern computer systems, from Unix system credentials to Internet security.