How large should my password salt be? [duplicate]

This question already has answers here: Closed 11 years ag开发者_如何转开发o.

Possible Duplicate:

What is the optimal length for user password salt?

I have a database like below:

create table user (id int primary key auto increment,
     username varchar(64),
     password varchar(128), # sha512 hash of password
     password_salt varchar(128) # sha512 hash of a random number used as salt
)

Is this a good idea for ensuring password security with a salt? How long should a salt be? I assume that it can't hurt to have a 128bit (SHA-512) salt, but I've been wrong before.

---

I have several comments:

• Salts should be random and unique per user, but they don't have to be a hash digest. The idea of a salt is just to make the hash digest unique per user to resist dictionary attacks and rainbow table attacks. The salt doesn't add to the strength of the hash digest algorithm, regardless of the salt's length.

• DES uses 12 bits for the salt. Updated UNIX password systems use more, up to 128 bits.

• If you want stronger passwords, consider using bcrypt or PBKDF2.

• FWIW, a SHA-512 hash digest (encoded as hex digits) is always exactly 128 characters, regardless of the length of the input. So I'd use CHAR(128) instead of VARCHAR(128). Use BINARY(2) or BINARY(3) for the salt.