| From: | Fran Fabrizio <ffabrizio(at)mmrd(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | encrypting a password field in the database |
| Date: | 2001-08-02 16:47:44 |
| Message-ID: | 3B698430.47B9471B@mmrd.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hello,
One of my fields is used to store a password field. I would like this
field to be encrypted. The way we do it now is to have our perl scripts
encrypt it before inserting it and decrypt it after selecting it. This
is something of a pain because there are 4 different machines that have
need of this functionality, so that means I have to maintain 4 installs
of the helper module that contains the encryption/decryption code. It
makes more sense to me to localize this in the database itself, and
provide a pair of functions to encrypt and decrypt a string which we
would use when inserting/selecting the password. However, I looked into
plperl and realized (the hard way) that plperl restricts you from doing
anything useful like use Crypt::Blowfish; for security reasons. Is
there another way I could localize this code (or something that performs
the same function) in the database or at least on the server that runs
the database?
Thanks,
Fran
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Vivek Khera | 2001-08-02 18:07:52 | Re: [HOW TO:] timestamp WITHOUT timezone |
| Previous Message | Stephan Szabo | 2001-08-02 16:16:25 | Re: RE : Re: Re: Asking for some PL/pgSQL Tips |