If the salt is random, how do we reliably generate the same salt value (For the same user) next time they log in?
The answer is to simply store the generated salt with the user pass.
For example I use PHP and MySQL and so a simple user information table only needs 3 fields: `username`, `pass`, `salt`
When someone tries to log in then you can check if the details are right by using the following:
$user = mysql_real_escape_string("USERNAME");
$pass = mysql_real_escape_string("PASSWORD");
$result = mysql_query("SELECT COUNT(`username`) FROM `table` WHERE `username` = '$user' AND `pass` = MD5(CONCAT('$pass', `salt` ))");
if(mysql_result($result,0) == 1)
{
echo "Logged in correctly.";
}
else
{
echo "Sorry, no dice.";
}