| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | David Garamond <lists(at)zara(dot)6(dot)isreserved(dot)com> |
| Cc: | Richard Huxton <dev(at)archonet(dot)com>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Salt in encrypted password in pg_shadow |
| Date: | 2004-09-07 19:09:28 |
| Message-ID: | 2897.1094584168@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
David Garamond <lists(at)zara(dot)6(dot)isreserved(dot)com> writes:
> Tom Lane wrote:
>> Also, MD5 hashing is fast enough that I'm not sure the above is really
>> significantly cheaper than a straight brute-force attack, ie, you just
>> take your list of possible passwords and compute the hashes on the fly.
>> The hashes are going to be much longer than the average real-world
>> password, so reading in a list of hashes is going to take several times
>> as much I/O as reading the passwords --- seems to me that it'd be
>> cheaper just to re-hash each password.
> Many people use short and easy-to-guess passwords (remember we're not
> talking about the superuser only here), so the dictionary attack can be
> more effective than people think.
And that responds to the speed argument how? I quite agree that a
guessable password is risky, but putting in a random salt offers no
real advantage if the salt has to be stored in the same place as the
encrypted password.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2004-09-07 19:14:28 | Re: Restoring dump of multiuser databases |
| Previous Message | Katsaros Kwn/nos | 2004-09-07 18:45:56 | stringToNode() for plan nodes... |