MD5 password storage - should be the same everywhere?

From: Francisco Reyes <lists(at)natserv(dot)net>
To: pgsql-general(at)postgresql(dot)org
Subject: MD5 password storage - should be the same everywhere?
Date: 2015-05-25 20:41:15
Message-ID: 556388EB.80405@natserv.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Should the same password, stored in MD5, be the same across different DBs?

If I did either:
create user SomeUser encrypted password 'SomePassword';
alter user SomeUser encrypted password 'SomePassword';

On multiple machines, should the MD5 be the same?
using
select rolname, rolpassword,rolcanlogin from pg_catalog.pg_authid where
rolname = 'SomeUser';

Should the MD5 be the same?

I see one machine where a user has a different md5 but the password is
the same as several other machines. In other words the MD5 is different,
but the password is the same. Is that expected?

In other words say I have machine1... machine5 and I have user with
password 'SomePassword' in 4 of the machines the MD5 is the same, but in
(say for example) machine 2 the MD5 is different. Yet I can login to the
user in that machine with 'SomePassword' as password.

Restoring from this "machine2" to another machine and none of the
passwords worked.

Any pointers/ideas of what is going on?

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Adrian Klaver 2015-05-25 23:58:42 Re: MD5 password storage - should be the same everywhere?
Previous Message Daniel Begin 2015-05-25 20:03:10 Re: FW: Constraint exclusion in partitions