29Eyl
Is there any benefit to use different salt for different encryption algorithms for same user
There is two different passwords for a single user. I'm hashing both for future validation. I'm currently using a single unique salt for the user, but each is hashed with a different algorithms (PBKDF2 with different algorithm and different interation counts).
Is there any benefit to also use separate salts for each of the hashes? or is the different algorithm enough? My understanding is that the hash algorithm change effectively requires an attacker to generate a unique rainbow table for collision attack, so two salt seems overkill, and just adds to management overhead.
