Re: How passwords can be crypted in postgres?

From: "Gordan Bobic" <gordan(at)freeuk(dot)com>
To: <pgsql-general(at)postgresql(dot)org>
Subject: Re: How passwords can be crypted in postgres?
Date: 2001-01-02 10:05:13
Message-ID: 005a01c074a3$8bd5a6a0$8000000a@localdomain
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

> I usually just run 'crypt()' on the clear text before storing it to the
> backend ...

Isn't this just as bad? If you store the encrypted password, that doesn't
help you in the slightest in this case, because if you can breach the list
of encrypted passwords, you still know what you need to send as the
"password" from the front end to let you into the database.

Unless I am missing something here, doing this doesn't make any
difference... Not for someone serious about breaching security, anyway...

Regards.

Gordan

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Gordan Bobic 2001-01-02 10:20:46 Re: SV: MySQL and PostgreSQL speed compare
Previous Message Gordan Bobic 2001-01-02 10:01:58 Re: SV: MySQL and PostgreSQL speed compare