You must ofc 'salt' people passwords just before hashing them to prevent having the ability to Get better the original password from the hash. $endgroup$ It should be CPU-heavy to make brute drive attacks more challenging/impossible, just in case your database might be leaked. According to the interviews at https://billc806uxl1.wikitidings.com/user
