Found by etotheipi, likely due to this comment being wrong:
https://github.com/bitcoin/bitcoin/blob/master/src/crypter.cpp#L68
This hurts security by making it easier to brute force, but not significantly, should be easily fixable.