Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!philabs!seismo!hao!hplabs!sri-unix!BRUCE@umdb
From: BRUCE%umdb@sri-unix.UUCP
Newsgroups: net.unix-wizards
Subject: Security
Message-ID: <2749@sri-arpa.UUCP>
Date: Fri, 1-Jul-83 23:09:00 EDT
Article-I.D.: sri-arpa.2749
Posted: Fri Jul  1 23:09:00 1983
Date-Received: Thu, 7-Jul-83 20:41:24 EDT
Lines: 14

From:  Bruce Crabill 

I have never understood the reason behind the "salt" in the password
ecription.  I understand that it was to help prevent duplicate ciphertext
when two users had the same password, but why not just take the userid and
encript it with the user's password and place the resultant ciphertext in
the password file?  I also agree with Ron Natalie about the concept of keeping
the passwords in a non-readable file.  Seems like the best way to avoid
problems.

                                       Bruce

ARPANET: BRUCE%UMDB.BITNET@BERKELEY
BITNET: BRUCE@UMDB