Not if they don’t want the hash reversed. I.e. keep the salt secret and the hash is still valid for identifying a dataset but functionally only the original vendor could attack the hash via rainbow tables. (It would still be a brute-force attack as per the SO discussion linked above, but they would have the significant advantage of possessing a set of known salts.)
1 Like
