Data Salting is a concept of adding a random piece of data to the password before it runs through the hashing algorithm, making it unique and harder to crack. By adding randomness to the original plaintext password value before hashing, salting ensures that a different hashed value is generated. Consequently, the unique hash produced by adding the salt can protect us against different attack vectors, such as hash table attacks, while slowing down dictionary and brute-force offline attacks. GoDaddy’s approach to store passwords either in plaintext or reversible format allowed an attacker direct access to password credentials without the need to crack them & resulted in impacting 1.2 million customers.
