11.07.2017, 08:39
Because the exact same input string is being hashed. The only difference is that in the first case the hash function implicitly does the concatenation and in the second case the concatenation is performed explicitely. If you use the SHA256_PassHash function with password "password" and salt "qwerty" then what actually gets fed into the algorithm is simply "passwordqwerty". The function does not hash each part separately.