| From: | Jens Hartwig <jhartwig(at)debis(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: How passwords can be crypted in postgres? |
| Date: | 2001-01-02 10:40:48 |
| Message-ID: | 3A51B030.DEFBBDEB@debis.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
> [...]
> Isn't this just as bad? If you store the encrypted password, that doesn't
> help you in the slightest in this case, because if you can breach the list
> of encrypted passwords, you still know what you need to send as the
> "password" from the front end to let you into the database.
> [...]
If you encrypt the input from the frontend as well and compare the
encrypted strings it will not help you to look into the list of
encrypted passwords ... or am I wrong?
Regards, Jens Hartwig
=============================================
Jens Hartwig
---------------------------------------------
debis Systemhaus GEI mbH
10875 Berlin
Tel. : +49 (0)30 2554-3282
Fax : +49 (0)30 2554-3187
Mobil : +49 (0)170 167-2648
E-Mail : jhartwig(at)debis(dot)com
=============================================
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Colin Taylor | 2001-01-02 10:46:32 | System Tables Questions |
| Previous Message | Gordan Bobic | 2001-01-02 10:20:46 | Re: SV: MySQL and PostgreSQL speed compare |