>> P.S. - I'm not considering storing the salt in the DB as being >> properly secured. That's kind of like keeping the key to your house >> under the door mat. You can get in, if you know where to look.
> The UNIX passwd database and LDAP userPassword attribute store the salt in plain sight with the password hash. There are ACLs protecting those assets. Still failing to see your point. -- Eric Marden
