Can you hack a hashed password when the salt is stored next to the hash?

Ok, so I've been re开发者_开发问答ading (a lot!) about security and the whole deal about hashing, salting, encrypting, etc. and something I keep seeing is really bugging me. It seems a lot of people that really seem to know their stuff keeps saying it's OK to store the salt with the hashed password in the DB.

I can't help but to wonder, why? What if your DB is dumped? They have access to everything which, to me, means they can look at any one record and voila(!) there's the hashed password and the plain text salt right next to it. That gives them the info they need to run it against rainbow tables and/or dictionary attacks doesn't it?

I must be missing something (yeah, that's never happened before!!) and would really enjoy some enlightenment on the matter.

Rainbow tables are ineffective against a collection of differently-salted passwords, even if the salt is known; you would have to build a different table for each salt, and that defeats the entire purpose of rainbow tables. It will be faster for an attacker to brute-force each password individually. This is the purpose of having per-user salt.

In other words, rainbow tables are only effective when you are trying to break many passwords that were all digested the same way, using the same digest algorithm. Throwing in different salt for each password means that the passwords are not all digested the same way.