I think the point is that you should use bcrypt and salt at the same time. | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		bostonvaulter2 on Dec 14, 2010 \| parent \| context \| favorite \| on: How To Safely Store A Password I think the point is that you should use bcrypt and salt at the same time.

tptacek on Dec 14, 2010 [–]

You don't need to do anything like that; bcrypt does all this stuff for you. Don't salt bcrypt.

youngian on Dec 14, 2010 | [–]

I think people would be a lot less confused if you said this first. Say "Don't salt bcrypt, bcrypt salts for you" and you'll have to explain yourself less.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact