Spring Security automatically applies salting since version 3.1. Salting is the process of combining random data with a password before password hashing. Salt improves hashing by increasing its uniqueness and complexity without increasing the requirements for users, thereby reducing password attacks. Hashed passwords are then stored in a database, along with salt. Your application will be protected from Dictionary-Attack by using salting. With Salt, you can add an extra string to the password to make it more difficult for hackers to crack it.