https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/How-can-an-entity-ensure-that-hashed-and-truncated-versions-cannot-be-correlated-as-required-in-PCI-DSS-Requirement-3-4 … In which this quote appears: "Use of a unique, strong and secret input variable (e.g. salt)"
and suggests that "no correlation in the DB" doesn't still require salting to slow down batch correlation attacks
-
-
As of the current standard, salts are an "optional" input value for your hashes.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.