Any reasonable password algorithm will have a unique salt for each password (well, a random long salt; you're highly unlikely to have collisions). Dictionary attacks still work.
Right. The analogy isn't bulletproof, but in conclusion it's pretty dumb to share information that could conceivably be used to extract some information or otherwise get an advantage when there's no reason to.
