| From: | "Christophe Dore" <c(dot)dore(at)castsoftware(dot)com> |
|---|---|
| To: | "pgsql-general" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: password management |
| Date: | 2010-05-07 16:07:27 |
| Message-ID: | 30B673D7B5844B4394E188D9FFAEF0990167FE10@mx01.corp.castsoftware.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi
IMHO, you should never store password in clear
If you store the last 5 crypted passwords, then you can make it comparing the new password, crypted, to those 5 strings.
Regards
--
Christophe Doré
Implementation Product Manager
3 rue Marcel Allegot
92190 Meudon, France
+33 1 46 90 21 00 office
+33 6 1379 2910 mobile
CAST, Leader in Automated Application Intelligence
Achieve Insight. Deliver Excellence.
www.castsoftware.com <http://www.castsoftware.com/> | Gain visibility into application quality to proactively manage risk and improve team performance.
From: akp geek [mailto:akpgeek(at)gmail(dot)com]
Sent: jeudi 6 mai 2010 20:31
To: pgsql-general
Subject: password management
Dear all -
I am writing function to handle the passwords. Currently the crypt is being used to store the password in the database. what I need to do is, when the user wants to change the password, I need to check if that password is not being used before up to 5 times, If not then then records should be inserted to the database.
The problem where i am running into, when I capture the password that user entered, I can't compare to the one in database , because each time the function crypt gives different one. Is there any way that I can achieve this?
Appreciate your help
Regards
| From | Date | Subject | |
|---|---|---|---|
| Next Message | AllieH | 2010-05-07 16:10:01 | postgreSQL not working after upgrade to Ubuntu 10.4 |
| Previous Message | Filip Rembiałkowski | 2010-05-07 16:04:44 | Re: Formatted reports |