If you are given these rules:
- Your salt must be N characters long or shorter
- N is a small integer
then, yes, you would want a big char set. That is not the case with salts, however. Heck, you could restrict yourself to two characters and still be arbitrarily uhm... arbitrary
by making the string longer.
The incredibly-randomness and terribly-hard-to-guessness of a salt is not critical: it is going to be hashed again.
Disclaimer: I am not a crypto expert either. /me .oO(Come to think of it, I am not an expert in anything, really. That's not very good at age 34)
Cheers.
|