storing passwords

From: Ron Peterson <ron(dot)peterson(at)yellowbank(dot)com>
To: <pgsql-general(at)postgresql(dot)org>
Subject: storing passwords
Date: 2000-12-10 01:24:25
Message-ID: Pine.LNX.4.30.0012092000020.14666-100000@h00a024ee7419.ne.mediaone.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general


I'd like to propose the unthinkable, to see what people think.

I have been considering the possibility of storing passwords in a
PostgreSQL database. Unencrypted.

Boo Hiss. I know, I know...

But consider. In an environment with multiple architectures, and
multiple applications, with many users, password management is
difficult, at best.

Solutions like LDAP are a step in the right direction, but until there
is widespread support of this standard, it is only a partial
solution. Besides which, my preferred implementation, OpenLDAP, has
yet to fully support SASL. (LDAP => SASL yes, SASL => LDAP no).

In addition to the problem of the need to distribute authentication
credentials, there is the small matter of simply *remembering* lots of
different passwords. We're all told: "Don't write them down, but make
them impossible to crack." Which might be fine if there you only had
one or two passwords to remember. But I'd hazard to guess I have some
dozens of passwords I need to know. Some I use frequently, some not.
I try to minimize, but that's not always something I can control.

So yes, I do physically record my passwords. Truth be told, they are
in a file on my computer, to which only I have access. There, now you
know. Hack me to bits. I don't know how else to manage this problem.

So I've been thinking about doing something like the following.
Against my better judgement, which is why I'm writing this damnable
expose of my ignorance. Disabuse me, please. Am I completely nuts,
or could something like the following work?

In a multi-user environment, allow people to change their password via
a web form. Via https, of course. Store the password, *unencrypted*,
in PostgreSQL. Run scripts to distribute updates to necessary
locations. Maybe crypt, maybe md5, maybe sha, as required. Via
secure channels, of course.

I cringe as I await your response...

-Ron-

Browse pgsql-general by date

  From Date Subject
Next Message Tom Lane 2000-12-10 02:11:00 Re: Unanswered questions about Postgre
Previous Message Ashley Clark 2000-12-10 00:37:51 why doesn't this work?