This is called a pepper: https://en.wikipedia.org/wiki/Pepper_(cryptography) If ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		aflagatopamoon on May 1, 2018 \| parent \| context \| favorite \| on: The False Allure of Hashing for Anonymization This is called a pepper: https://en.wikipedia.org/wiki/Pepper_(cryptography) If you read the article above, you'll see that you still need a salt, since users with very simple passwords will have the same hash: crack one, and you can crack the others for free.

bglusman on May 11, 2018 [–]

Yeah I should have been clear this wasn't for passwords at all, ever, this was/is only for other kinds of PII

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact