Quick Links

Community
Contributors
Mailing Lists
IRC
Local User Groups
Events
International Sites

Salt in encrypted password in pg_shadow

From:	David Garamond <lists(at)zara(dot)6(dot)isreserved(dot)com>
To:	pgsql-general(at)postgresql(dot)org
Subject:	Salt in encrypted password in pg_shadow
Date:	2004-09-07 13:37:01
Message-ID:	413DB97D.3000104@zara.6.isreserved.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

I read that the password hash in pg_shadow is salted with username. Is
this still the case? If so, since probably 99% of all PostgreSQL has
"postgres" as the superuser name, wouldn't it be better to use standard
Unix/Apache MD5 hash instead?

--
dave

Responses

Re: Salt in encrypted password in pg_shadow at 2004-09-07 14:19:39 from Tom Lane

Browse pgsql-general by date

	From	Date	Subject
Next Message	Tom Lane	2004-09-07 13:47:47	Re: The usual sequential scan, but with LIMIT !
Previous Message	David Garamond	2004-09-07 13:35:08	Re: restricting non superuser from accessing other databases