This script securely encrypts both the contents and the name of a folder using a password‑derived Fernet key (AES‑128 + HMAC), where PBKDF2 with a fixed SALT key.
A SALT is used in password‑based key derivation. If your system had no SALT, and someone used a weak password, an attacker could instantly look up the key in a rainbow table.
With a SALT the attacker would need a separate rainbow table for every possible SALT, which is infeasible.
SALT does NOT protect against brute‑force, because PBKDF2 treats the SALT as an input parameter, not as part of the password’s entropy.
