You are viewing a single comment's thread.

view the rest of the comments →

0
2

[–] dueces 0 points 2 points (+2|-0) ago 

A string of characters used to encrypt data

0
3

[–] mundania 0 points 3 points (+3|-0) ago  (edited ago)

No, that’s a key. Salt is used to make it harder to fake a tripcode.

The way tripcodes work, you provide a password and then an algorithm called a “one way hash function” or “cryptographic hash” crunches it to generate the tripcode. However, many passwords will hash to the same tripcode, so a hacker can fairly easily find a password that lets them use your tripcode.

Salt makes it a bit harder for the hackers. The board operator makes up some text string (the salt) and appends it to the password before calculating the tripcode. For example, if the user gives the password “foobar” and the salt is “xyzzy” the tripcode will be calculated from “foobarxyzzy” not just “foobar”. That makes it harder to use someone else’s tripcode - you can’t use any old password that hashes to the tripcode, you have to find something that hashes to the tripcode and ends with “xyzzy”. That’s appreciably harder, but still not even remotely secure - there’s a reason why no one in military intelligence would ever rely on tripcodes to prove they’re not an imposter.

Changing the salt wipes out all the old tripcodes (use the same password as before and you’ll get a whole new tripcode).

0
0

[–] SpreeFeech ago 

Best reply. Thank you.

0
0

[–] DammitMan ago 

THAT made sense! IT for the tech challenged. Thank you!