Client connects to Server Server sends salt: *%S%* Client sends hash over hashed password and salt: *%H(H'(P) S)%* Server compares received hash with it's own computed hash (from the hashed password *%H'(P)%* stored in the database) A salt is used because without it you can authenticate simply by using a replay attack