On 12/19/2011 11:33 PM, Katronix Serf wrote: > For this, random uuid, would imply its not the user's uuid? Could you > use that instead? > No, because you want to keep the salt secret and random. Using the user's UUID gives the secret away without compromising the database. -BlueWall