I mean the MAIN SALT (or a part of it) ... imagine the Server get's compromised ... then the Hacker has access to the SALT + DATABASE ... and can decrypt all Passwords as he wants ...
This would not be possible if the Main Salt isn't saved on the Server but only in Memory in the current Session ...
I mean the MAIN SALT (or a part of it) ... imagine the Server get's compromised ... then the Hacker has access to the SALT + DATABASE ... and can decrypt all Passwords as he wants ...
This would not be possible if the Main Salt isn't saved on the Server but only in Memory in the current Session ...