Quote:
|
Originally Posted by teknomage1
If you discard the original salt you have no way to re-encrypt the user's login data, to verify they typed the proper password.
|
Exactly. Unless he's talking about something different like salting some part of a cookie or some key, changing the password salt will break everyone's password.
-r