From: | Peter Eisentraut <peter(at)pathwaynet(dot)com> |
---|---|
To: | Louis Bertrand <louis(at)bertrandtech(dot)on(dot)ca> |
Cc: | Gene Sokolov <hook(at)aktrad(dot)ru>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: [HACKERS] Hashing passwords (was Updated TODO list) |
Date: | 1999-07-12 13:34:55 |
Message-ID: | Pine.LNX.4.10.9907120933190.4521-100000@saxony.pathwaynet.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Fri, 9 Jul 1999, Louis Bertrand wrote:
> It would be nice if the password scheme you finally settle on can be
> optionally replaced (compile-time) by the password hash available native
> on the OS. In the case of OpenBSD, the Blowfish-based replacement for the
> DES or MD5 based crypt(3) is better suited to resisting dictionary and
> other offline attacks by fast processors.
>
> This suggestion is useful in case the shadow password file is compromised.
> It is independent of any challenge-response protocol you apply upstream.
Perhaps one could also allow the use of PAM where available. That would
make things infinitely easier for administrators.
--
Peter Eisentraut
PathWay Computing, Inc.
From | Date | Subject | |
---|---|---|---|
Next Message | John Ridout | 1999-07-12 13:45:02 | RE: [HACKERS] Updated TODO list |
Previous Message | Maarten Boekhold | 1999-07-12 13:34:39 | Re: [HACKERS] Fwd: Joins and links |