Re: PostgreSQL cleartext passwords

At 05:38 PM 18-05-2000 -0400, Tom Lane wrote:
>Not so! "crypt" authentication provides for sending passwords in
>crypted form during login (which is good if you're afraid of password-
>sniffers, but then maybe you should be using SSL to protect your whole
>session, not only the password). But it doesn't change the contents
>of pg_shadow.

But if someone sniffs the crypted form, won't they be able to reuse it?

What's there to prevent reuse of the crypted form? If there's nothing to
prevent that, I do not see any benefit of the crypt method, it's just a
waste of time.

I never really understood the postgresql crypt password mode- if it was
what I understood it to be, it was pretty much useless. In the end I stuck
to plaintext passwords, easier for me to understand.

>BTW, there is no particularly good reason to be storing passwords in
>the Postgres database at all --- you can instead use Kerberos
>authentication, or perhaps "ident" authentication (though ident is
>only OK if logins are only accepted from machines whose sysadmins you
>trust, since ident is easily faked on an insecure machine).

That probably means that ident is easily faked on most machines :).

I figure it's probably better to have a secure net (switched perhaps). If
external insecure machines need to use stuff in the secure net, there
should be a dedicated VPN or SSL server for that purpose.

Cheerio,

Link.