On Sun, 7 May 2000, Tom Lane wrote:
> Using the username instead of an independent random value to salt the
> stored password is not a small change, it is a fundamental weakening of
> the security system.
That's what I was doing, substituting the original random salt for the
username.
> If you don't see that this is so then you don't
> understand anything about cryptography.
Was this smartass comment really necessary, Tom?
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: vev@michvhf.com http://www.pop4.net128K ISDN from $22.00/mo - 56K Dialup from
$16.00/moat Pop4 Networking Online Campground Directory http://www.camping-usa.com Online Giftshop
Superstore http://www.cloudninegifts.com
==========================================================================