Security

BRUCE%umdb at sri-unix.UUCP BRUCE%umdb at sri-unix.UUCP
Sat Jul 2 13:09:00 AEST 1983


From:  Bruce Crabill <BRUCE at umdb>

I have never understood the reason behind the "salt" in the password
ecription.  I understand that it was to help prevent duplicate ciphertext
when two users had the same password, but why not just take the userid and
encript it with the user's password and place the resultant ciphertext in
the password file?  I also agree with Ron Natalie about the concept of keeping
the passwords in a non-readable file.  Seems like the best way to avoid
problems.

                                       Bruce

ARPANET: BRUCE%UMDB.BITNET at BERKELEY
BITNET: BRUCE at UMDB



More information about the Comp.unix.wizards mailing list