[Cryptography] Repeated Salts?

Jerry Leichter leichter at lrw.com
Thu May 18 06:12:44 EDT 2017


> Is there software still in use that is likely to repeat salts across
> separate installations?
> 
> For example, does anything hash the username in order to get a salt,
> whereupon ALL of the people who select a common username get their
> passwords hashed with the same salt, across many installations?

I've never heard of this happening, though it would certainly not surprise me if it has.  Obviously, it defeats the purpose of a salt, but that doesn't mean someone who programmed by rote, without any real understanding, hasn't done it.

Returning to your first question:  The earliest implementation of a salt, in Unix 6 or thereabouts and for a while after, used a 12-bit salt.  Obviously this resulted in duplicate salts, certainly within the space of all Unix installations and likely even at some individual installations.

True story:  At Yale University back in the early '80s, when salts were 12 bits and shadow password files hadn't been invented, some undergrad noticed that his salt and encrypted password exactly matched that of root on a CS department Unix system.  Not as impossibly unlikely as it sounds:  The root password was a dictionary word, something like "dolphin".  (Hey, those were much more innocent days.)  So of course he now had access to root.  He played some games with the system - nothing really harmful - and eventually got caught.  That's how the story of how he got the password to begin with came out.  Given, again, the more innocent era, nothing much was done to him; he may even have been hired as a student employee.

                                                        -- Jerry
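
Added example, not part of the original message or thread: a Python audit that groups password records by salt and by (salt, hash), run over constructed accounts to compare the username-derived salt from the quoted question with per-record random salts, plus the birthday estimate for a 12-bit salt. The installation names, accounts, PBKDF2 parameters and all function names are assumptions made for illustration.

```python
import hashlib, math, os
from collections import defaultdict

ITERATIONS = 10_000  # assumed value, kept low so the demo runs quickly

def username_salt(username):
    # Scheme from the quoted question: salt is a hash of the username alone.
    return hashlib.sha256(username.encode()).digest()[:16]

def random_salt(_username):
    # Fresh 128-bit salt per record, independent of any account attribute.
    return os.urandom(16)

def make_record(install, user, password, salt_fn):
    salt = salt_fn(user)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"install": install, "user": user, "salt": salt, "hash": digest}

def audit(records):
    """Group accounts that share a salt, and accounts that share salt AND hash."""
    by_salt, by_pair = defaultdict(list), defaultdict(list)
    for r in records:
        who = (r["install"], r["user"])
        by_salt[r["salt"]].append(who)
        by_pair[(r["salt"], r["hash"])].append(who)
    shared_salt = [g for g in by_salt.values() if len(g) > 1]
    shared_both = [g for g in by_pair.values() if len(g) > 1]
    return shared_salt, shared_both

def p_duplicate_salt(n_accounts, salt_bits):
    """Chance that at least two of n uniformly random salts coincide."""
    space = 2 ** salt_bits
    if n_accounts > space:
        return 1.0
    log_all_distinct = sum(math.log1p(-i / space) for i in range(n_accounts))
    return -math.expm1(log_all_distinct)

# Constructed sample accounts on three hypothetical installations.
ACCOUNTS = [("siteA", "root", "dolphin"), ("siteB", "root", "dolphin"),
            ("siteC", "root", "correct horse"), ("siteB", "carol", "hunter2")]

def build(salt_fn):
    return [make_record(i, u, p, salt_fn) for i, u, p in ACCOUNTS]

if __name__ == "__main__":
    for name, fn in (("username-derived", username_salt), ("random", random_salt)):
        shared_salt, shared_both = audit(build(fn))
        print(name, "shared salt:", shared_salt, "shared salt+hash:", shared_both)
    print("P(dup) 100 accounts, 12-bit salt:", round(p_duplicate_salt(100, 12), 3))
```

With the username-derived salt, every `root` record shares one salt across installations, and the two that also share a password are byte-identical; with random salts the audit comes back empty.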


