diff --git a/src/KeyKeeper/PasswordStore/Crypto/CompositeKey.cs b/src/KeyKeeper/PasswordStore/Crypto/CompositeKey.cs
index c9b5182..f95b90e 100644
--- a/src/KeyKeeper/PasswordStore/Crypto/CompositeKey.cs
+++ b/src/KeyKeeper/PasswordStore/Crypto/CompositeKey.cs
@@ -7,22 +7,39 @@ namespace KeyKeeper.PasswordStore.Crypto;
 public class CompositeKey
 {
     public string Password { get; }
-    public byte[] Salt { get; }
+    public byte[]? Salt
+    {
+        get { return salt; }
+        set
+        {
+            if (salt == null)
+                salt = value;
+        }
+    }
 
-    public CompositeKey(string password, byte[] salt)
+    private byte[]? salt;
+
+    public bool CanComputeHash
+    {
+        get { return salt != null; }
+    }
+
+    public CompositeKey(string password, byte[]? salt)
     {
         if (password == null)
             throw new ArgumentNullException("password");
         Password = password;
 
-        if (salt == null || salt.Length < FileFormatConstants.MIN_MASTER_SALT_LEN ||
-            salt.Length > FileFormatConstants.MAX_MASTER_SALT_LEN)
+        if (salt != null && (salt.Length < FileFormatConstants.MIN_MASTER_SALT_LEN ||
+            salt.Length > FileFormatConstants.MAX_MASTER_SALT_LEN))
             throw new ArgumentException("salt");
-        Salt = salt;
+        this.salt = salt;
     }
 
     public byte[] Hash()
     {
+        if (!CanComputeHash)
+            throw new InvalidOperationException("salt is not set");
         byte[] passwordBytes = Encoding.UTF8.GetBytes(Password);
         byte[] hashedString = new byte[passwordBytes.Length + Salt.Length * 2];
         Salt.CopyTo(hashedString, 0);