Re: OT: password encryption (salt theory) - Mailing list pgsql-admin

From: David F. Skoll
Subject: Re: OT: password encryption (salt theory)
Msg-id: Pine.LNX.4.44.0208212223230.31774-100000@shishi.roaringpenguin.com
In response to: Re: OT: password encryption (salt theory) (Bruce Momjian <pgman@candle.pha.pa.us>)
List: pgsql-admin

On Wed, 21 Aug 2002, Bruce Momjian wrote:

> As long as the salt is visible to the user just like the MD5 version of
> the password, we don't see any advantage to a random salt.

The only advantage is that there are likely to be more possibilities for
random salts than for user names.  Again, if you're mounting an offline
dictionary attack, you could probably come up with user names likely
to appear (postgres?  httpd?  apache?) which would expand your dictionary
only by a factor of 5-10.  Random salts would totally thwart this approach.
Plus, they can mask the fact that two users with the same name but in
different PostgreSQL installations have the same password.

--
David.
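The two points made above (a username salt drawn from a small, guessable set versus a random salt drawn from a large one, and identical password hashes across installations) can be made concrete. The following Python is an added example written for this archive page; it is not code from the thread or from PostgreSQL. The hash constructions `md5(password + username)` and `md5(salt + password)`, the 16-byte salt length, and the toy dictionary and user-name list are all assumptions chosen for illustration.

```python
import hashlib
import secrets

# --- the two schemes under discussion ------------------------------------

def hash_with_username(password: str, username: str) -> str:
    """Username-as-salt scheme (assumed construction: md5(password + username)).

    The salt is public AND low-entropy: it is one of a handful of likely
    account names, and it is the same on every installation."""
    return hashlib.md5((password + username).encode()).hexdigest()


def new_salt(nbytes: int = 16) -> bytes:
    """Random per-password salt. 16 bytes is an assumed size, not from the thread."""
    return secrets.token_bytes(nbytes)


def hash_with_random_salt(password: str, salt: bytes) -> str:
    """Random-salt scheme (assumed construction: md5(salt + password)).

    The salt is stored next to the hash and is just as visible as the hash,
    which is the point Bruce raises; visibility is not what matters."""
    return hashlib.md5(salt + password.encode()).hexdigest()


def verify_random_salt(password: str, stored_salt: bytes, stored_hash: str) -> bool:
    """Verification works with the salt in the clear, so nothing is lost."""
    return hash_with_random_salt(password, stored_salt) == stored_hash


# --- point 1: size of the precomputation an offline attacker must do -----

def precomputation_cost(dictionary_size: int, salt_space: int) -> int:
    """Number of hashes needed to precompute a table covering every
    (dictionary word, salt) pair once, reusable against any installation."""
    return dictionary_size * salt_space


# Constructed sample values: a toy dictionary and the "likely user names"
# David mentions. Real dictionaries are far larger; the ratio is what matters.
LIKELY_USERNAMES = ["postgres", "httpd", "apache", "www", "pgsql", "admin", "root", "nobody"]
TOY_DICTIONARY_SIZE = 10_000
RANDOM_SALT_SPACE = 2 ** (8 * 16)   # every value of a 16-byte salt


def username_salt_multiplier() -> int:
    """With user names as salts, the dictionary only grows by len(LIKELY_USERNAMES)
    (the 'factor of 5-10' in the thread)."""
    return precomputation_cost(TOY_DICTIONARY_SIZE, len(LIKELY_USERNAMES)) // TOY_DICTIONARY_SIZE


def random_salt_multiplier() -> int:
    """With random 16-byte salts, the same table would need 2**128 entries per word,
    so precomputation is off the table; each hash must be attacked on its own."""
    return precomputation_cost(TOY_DICTIONARY_SIZE, RANDOM_SALT_SPACE) // TOY_DICTIONARY_SIZE


# --- point 2: same user + same password on two installations -------------

def same_hash_on_two_installs_username_salt(password: str, username: str) -> bool:
    """Two independent installations, same account name and password:
    the username-salted hashes are identical, leaking the password reuse."""
    install_a = hash_with_username(password, username)
    install_b = hash_with_username(password, username)
    return install_a == install_b


def same_hash_on_two_installs_random_salt(password: str) -> bool:
    """Same password on two installations that each picked their own salt:
    the stored hashes differ, so reuse is not visible from the hashes alone."""
    salt_a, salt_b = new_salt(), new_salt()
    install_a = hash_with_random_salt(password, salt_a)
    install_b = hash_with_random_salt(password, salt_b)
    return install_a == install_b


if __name__ == "__main__":
    print("username-salt dictionary multiplier:", username_salt_multiplier())
    print("random-salt dictionary multiplier:  ", random_salt_multiplier())
    print("identical across installs (username salt):",
          same_hash_on_two_installs_username_salt("hunter2", "postgres"))
    print("identical across installs (random salt):  ",
          same_hash_on_two_installs_random_salt("hunter2"))
```

The multipliers are the whole argument in two numbers: a public salt costs an attacker nothing extra as long as it comes from a small set, while a random salt of a few bytes makes any shared precomputed table impractically large, even though the salt is stored in the clear beside the hash and verification is unchanged.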

