I've seen people use the password as the salt before, but I have some hesitations about it. This seems to defeat the two arguments I've heard for salts.
- Same plaintext yields different ciphertext.
Obviously if the salt is determined by the plaintext, this idea flys out the window.
- Greatly expands the ciphertext dictionary needed to check for common passwords.
If the cracker figures out that your salts are based on the plaintext, the dictionary needed is exactly the same size as if there were no salts used at all.
Of course, I've never quite gotten the concept of salts anyway.... They seem like a poorly thought out concept left over from the 70s. Use one of the modules mentioned above instead.
-Blake