| From: | "Mark R(dot) Dingee" <mark(dot)dingee(at)cox(dot)net> |
|---|---|
| To: | pgsql-sql(at)postgresql(dot)org |
| Cc: | Bruno Wolff III <bruno(at)wolff(dot)to> |
| Subject: | Re: PGSQL encryption functions |
| Date: | 2005-11-01 22:00:50 |
| Message-ID: | 200511011700.50776.mark.dingee@cox.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
Bruno,
I use an authenticate() function as a part of state maintenance in a PHP web
app. In the function, I generate an encrypted token that is then used in the
validation process on subsequent pages. md5 works, but I've been able to
brute-force crack it very quickly, so I'm looking for an alternative. Any
thoughts would be greatly appreciated.
Thanks,
Mark
On Tuesday 01 November 2005 04:28 pm, Bruno Wolff III wrote:
> On Tue, Nov 01, 2005 at 14:38:05 -0500,
>
> "Mark R. Dingee" <mark(dot)dingee(at)cox(dot)net> wrote:
> > Everyone,
> >
> > I'm in need of a one-way pgsql script that will take a plain-text string
> > and return an ecrypted string (preferably 32 character) . I've been
> > using md5('string'), but I'm concerned it's too weak for my needs. Does
> > anyone have any recommendations?
>
> What are your needs?
>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Have you searched our list archives?
>
> http://archives.postgresql.org
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2005-11-01 22:13:30 | Re: PGSQL encryption functions |
| Previous Message | Lane Van Ingen | 2005-11-01 21:38:12 | Can't Get SETOF Function to Work |