Security
BRUCE%umdb at sri-unix.UUCP
BRUCE%umdb at sri-unix.UUCP
Sat Jul 2 13:09:00 AEST 1983
From: Bruce Crabill <BRUCE at umdb>
I have never understood the reason behind the "salt" in the password
ecription. I understand that it was to help prevent duplicate ciphertext
when two users had the same password, but why not just take the userid and
encript it with the user's password and place the resultant ciphertext in
the password file? I also agree with Ron Natalie about the concept of keeping
the passwords in a non-readable file. Seems like the best way to avoid
problems.
Bruce
ARPANET: BRUCE%UMDB.BITNET at BERKELEY
BITNET: BRUCE at UMDB
More information about the Comp.unix.wizards
mailing list