WildHoney took the words right out of my mouth. The point of salts is to provide a secure encryption key, and it is always best to make it dynamic. I remember on one site a while back, I stored the salt with the password in the DB. I used an md5 function to generate a random key based upon the current time (md5(time)) and than uploaded that to its own column. Although that was a couple of years ago and there are course better methods of encryption now. :)