A salt is simply added to make a common password uncommon. A salt value is generated at random and can be fairly small, the only purpose is to lower the probability that the hash-value will be found in any pre-calculated table. A common way to combine the salt and the password is to simply concatenate them, i.e. the stored hash value is Hash(salt||password). The common password password1 now magically becomes, e.g., 6$dK,3password1 and is very unlikely to be found in a table.

Also, a pepper can be used, which is another random value concatenated to the password, such that the stored value is Hash(pepper||salt||password). The pepper is then not stored at all and therefore all possible values of the pepper need to be tested when trying to log in. Using 8 bits for the pepper give 256 possible values, which is very fast when the true user tries to log in. However the attack will work 256 times slower since all pepper values need to be tested for each password!
http://crypto.stackexchange.com/questions/177...

Die Wiki-Definitionen kann man vergessen, die sind grottenschlecht. Nur die beiden anderen treffen den Kern der Sache.

"salt" alleine würde ich als verkürzenden Jargon werten und mit /ugs./ kennzeichnen.

"pepper value" könnte man bei dieser Gelegenheit auch gleich aufnehmen (s. oben).