From: | Mario Splivalo <mario(dot)splivalo(at)mobart(dot)hr> |
---|---|
To: | pgsql-sql(at)postgresql(dot)org |
Cc: | "Penchalaiah P(dot)" <penchalaiahp(at)infics(dot)com> |
Subject: | Re: hi i need to encrypt one field in a table |
Date: | 2006-05-30 15:09:54 |
Message-ID: | 1149001795.18422.35.camel@localhost.localdomain |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-sql |
On Tue, 2006-05-30 at 15:42 +0530, Penchalaiah P. wrote:
> Hello,
> I want to create a table with an encrypted field for a password entry, so
> that you can see only ********.
> And can I encrypt fields which datatype is an integer or a timestamp?
No can do. I mean, you can't do something like that. You can either give
(actually, revoke) that particular user/role permisions to read the
table with the passwords, or you could store hashed values to the
database.
Later is prefered, I'd say. You could use md5() function to create
hashes, store those in the database, and when checking for the
credentials compare the hases. You'd compare user input flushed trough
md5() function with the hash you have in the database. That way you
don't know what user passwords are, and you could only set a new
password if user forgets his/hers password.
You don't need encrypted passwords.
Mario
--
Mario Splivalo
Mob-Art
mario(dot)splivalo(at)mobart(dot)hr
"I can do it quick, I can do it cheap, I can do it well. Pick any two."
From | Date | Subject | |
---|---|---|---|
Next Message | filippo | 2006-05-31 17:53:59 | datestyle on windows environment: how to set? |
Previous Message | Juris | 2006-05-30 10:14:30 | Re: hi i need to encrypt one field in a table |