Cheryl wants to make it more difficult for an attacker to use rainbow tables to attack the hashed password values she stores. What should she add to every password before it is hashed to make it impossible for the attacker to simply use a list of common hashed passwords to reveal the passwords Cheryl has stored if they gain access to them?

A salt is a value added to a string before it is hashed. The salt is stored so that it can be added to passwords when they are used in the future to compare to the hash. Since each salt is unique, this means that an attacker would need to generate a unique rainbow table for every salt to be able to attack the stored hashes effectively. For high-value passwords, this may be worthwhile, but for bulk lists of passwords, it is not a reasonable attack method.