Re: So we're in agreement....

> > Yes, MD5, double-crypt with pg_shadow salt and random salt. Sounds like
> > a winner all around.
>
> why pg_shadow salt ? for md5 we will need to store it separately anyway.
> why not MD5(<server-supplied-random-salt> || MD5(<username> ||
> <password>))
> that way we would overcome the original need for salt (accidental
> discovery
> of similar passwords) and would have no need for storing the salt.
>
> actually we would probably need some kind of separator as well to avoid
> the scenario of <user>+<password> and <userpa>+<ssword> being the same
> and thus having the same md5 hash. so the escheme could be
>
> MD5(<server-supplied-random-salt> || '\n' || MD5(<username> || '\n' ||
> <password>))
>
> AFAIK there is no easy way to have a newline inside password.

Well, unix passwords don't use the username as salt, so why should we?

--
Bruce Momjian | http://www.op.net/~candle
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026