Passwords are usually delineated as "hashed and salted". salting is simply the addition of a unique, random string of characters renowned solely to the site to every parole before it's hashed, typically this "salt" is placed in front of each password. The salt value needs to be hold on by the site, which means typically sites use the same salt for each parole. This makes it less effective than if individual salts are used. The use of unique salts means that common passwords shared by multiple users - like "123456" or "password" - aren't revealed revealed when one such hashed password is known - because despite the passwords being the same the immediately and hashed values are not. Large salts also protect against certain methods of attack on hashes, including rainbow tables or logs of hashed passwords previously broken. Both hashing and salting may be repeated more than once to increase the issue in breaking the security.