Local parameter Must contain sufficient entropy way beyond a typical password or even passphrase Hashes are not crackable offline without knowledge of the local parameter However, if the local parameter is stored right on the authentication server or in the password database, then it is likely to be stolen/leaked along with the hashes Problem: migration of locally-parameterized hashes between systems with different local parameters Solution: embed a "local parameter ID" in the hash encodings, support multiple local parameters at once