Hi Hector, > How about security by obscurity? If your db table has a field named "salt" > it's too obvious, but if you use a non-changing value from the users table > (like signup date) concatenated with some application constant it should add > a reasonable level of security.
Ok, so I wasn't far away from it. Adding an application constant seems to be the pepper to the salt. Good to know. Best regards, Ralf