Re: Encoding passwords

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Lincoln Yeoh <lyeoh(at)pop(dot)jaring(dot)my>, Mike Arace <mikearace(at)hotmail(dot)com>, pgsql-general(at)postgresql(dot)org
Subject: Re: Encoding passwords
Date: 2001-09-27 23:15:58
Message-ID: 200109272315.f8RNFwN17489@candle.pha.pa.us
Lists: pgsql-general

> > That said if hostile people get to the stage where they can read the
> > encoded passwords, you're probably screwed anyway - they're likely to be
> > able to do other things some even more undesirable. So it's not really a
> > big deal compared to other issues.
> >
>
> We have new code in 7.2 that will do MD5 encryption of passwords stored
> in pg_shadow. We add the salt to the front of the password before
> passing through MD5. You are suggesting putting the salt at the end.
>
> I guess the issue is that if you can get the salt part found out, you
> can use that to attack the password part. Also, consider that we use
> the username as the salt as stored in pg_shadow. We can easily put the
> salt in the back, but then there is the risk that a long password would
> not take into account the salt. My feeling is that this is more a
> theoretical concern and we may be opening ourselves up to more problems
> if we make the change.

OK, I have applied the following patch to the MD5 code that puts the
salt at the end. We can't change the crypt() stuff because that is
being used in older releases.

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026

Attachment: unknown_filename (text/plain, 1.4 KB)
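The two points argued in this exchange, that the username serves as the salt and that salt placement only matters when the underlying primitive truncates its input, can be checked in a few lines. The block below is an added example written for this archive page; it is neither code from the thread's attachment nor from the PostgreSQL source. It assumes the `md5` prefix that PostgreSQL prepends to stored MD5 hashes, UTF-8 encoding of the inputs, and constructed sample usernames and passwords. The `truncating_hash` helper is a hypothetical stand-in for a crypt()-style primitive that only reads the first eight bytes; it exists only to illustrate the "long password would not take into account the salt" concern and is not how any PostgreSQL release hashes passwords.

```python
import hashlib
import hmac

# Prefix PostgreSQL uses to mark an MD5-hashed entry in pg_shadow (assumed here).
MD5_PREFIX = "md5"


def md5_password_hash(password: str, username: str, salt_first: bool = False) -> str:
    """Hash a password with the username as salt, in the style discussed above.

    salt_first=True reproduces the pre-patch layout (salt + password);
    the default reproduces the post-patch layout (password + salt).
    MD5 consumes its whole input, so both layouts bind the salt to the hash.
    """
    data = (username + password) if salt_first else (password + username)
    return MD5_PREFIX + hashlib.md5(data.encode("utf-8")).hexdigest()


def verify_md5_password(stored: str, password: str, username: str) -> bool:
    """Check a candidate password against a stored hash in constant time."""
    candidate = md5_password_hash(password, username)
    return hmac.compare_digest(stored, candidate)


def truncating_hash(password: str, salt: str, salt_first: bool, keep: int = 8) -> str:
    """HYPOTHETICAL primitive that, like classic DES crypt(), only looks at the
    first `keep` bytes of its input. Used solely to show why salt placement
    matters for a truncating primitive; not PostgreSQL code."""
    combined = (salt + password) if salt_first else (password + salt)
    return hashlib.md5(combined[:keep].encode("utf-8")).hexdigest()


def salt_placement_report() -> dict:
    """Summarise the properties a reviewer of this change would want to see."""
    pw, long_pw = "s3cret!", "averylongpassword"  # constructed sample values
    return {
        # Username-as-salt: the same password yields different hashes per user,
        # so one precomputed table cannot be reused across users.
        "per_user_distinct": md5_password_hash(pw, "alice") != md5_password_hash(pw, "bob"),
        # Caveat: the same username/password pair hashes identically on every
        # server, because the salt is not random.
        "cross_server_identical": md5_password_hash(pw, "alice") == md5_password_hash(pw, "alice"),
        # Salt at the front and salt at the end are different hashes; the change
        # in this message is therefore not backwards compatible with stored values.
        "layouts_differ": md5_password_hash(pw, "alice", True) != md5_password_hash(pw, "alice"),
        # With a truncating primitive, salt-at-end vanishes for long passwords...
        "truncated_salt_last_lost": truncating_hash(long_pw, "alice", False)
        == truncating_hash(long_pw, "bob", False),
        # ...while salt-at-front survives truncation.
        "truncated_salt_first_kept": truncating_hash(long_pw, "alice", True)
        != truncating_hash(long_pw, "bob", True),
    }


if __name__ == "__main__":
    stored = md5_password_hash("s3cret!", "alice")
    print("stored entry:", stored)
    print("verify ok:   ", verify_md5_password(stored, "s3cret!", "alice"))
    for name, value in salt_placement_report().items():
        print(f"{name:28s} {value}")
```

The report confirms the thread's reasoning: because MD5 hashes its entire input, prepending or appending the username gives equivalent protection, and the truncation worry applies only to a crypt()-style primitive. The `cross_server_identical` entry is the caveat a defender should keep in mind with a deterministic username salt.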
