Bill Ward writes: > I didn't think that a salt was necessary with a one-way hash.
Google makes even the best hash functions reversible for some inputs: http://www.google.com/search?q=5d41402abc4b2a76b9719d911017c592 http://www.google.com/search?q=aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d http://www.google.com/search?q=2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824 http://www.google.com/search?q=9b71d224bd62f3785d96d46ad3ea3d73319bfbc2890caadae2dff72519673ca72323c3d99ba5c11d7c7acc6e14b8c5da0c4663475c2e5c3adef46f73bcdec043 Storing a hashed password without a salt is only marginally better than storing a cleartext password. -- Aaron Crane ** http://aaroncrane.co.uk/
