Reason for salting password hash (or, why “season” the password?)

I recently decide to start re-learning PHP, and started with building in a security framework for the application I’m developing. In my search for how to implement password authentication in PHP, I started to notice that many still neglect “salting” the password at rest. In other words, many believe that creating an MD5 hash of the password is enough. This is simply not the case. The whole reason for salting a password is to create randomness in the password hashes created.
Continue reading Reason for salting password hash (or, why “season” the password?)