On Friday, 27 November 2015 at 16:14:06 UTC, H. S. Teoh wrote:
True, so you'd store hash(password01) in the database, and computehash(X + hash(password)) during authentication.T
Another option is SCRAM: https://en.wikipedia.org/wiki/Salted_Challenge_Response_Authentication_Mechanism