Re: password leak in mylog thru win odbc - Mailing list pgsql-odbc

From Dave Page
Subject Re: password leak in mylog thru win odbc
Date
Msg-id 03AF4E498C591348A42FC93DEA9661B8259E09@mail.vale-housing.co.uk
Whole thread Raw
In response to password leak in mylog thru win odbc  ("pg" <pg@newhonest.com>)
List pgsql-odbc

> -----Original Message-----
> From: pg [mailto:pg@newhonest.com]
> Sent: 19 March 2003 06:22
> To: pgsql-odbc@postgresql.org
> Subject: [ODBC] password leak in mylog thru win odbc
>
> But if a user enable the mylog in odbc, the password (pwd)
> shows up there in mylogxxxxx.
>
> What can I do to hide the password?

Hi Jason,

If you use MD5 password authentication, does it still save the password
in the log, or the MD5 hash? If the latter, is that secure enough for
you, or might your users make use of it?

Regards, Dave.


pgsql-odbc by date:

Previous
From: Chris Gamache
Date:
Subject: Re: password leak in mylog thru win odbc
Next
From: Giuliano Gavazzi
Date:
Subject: Re: .ini parsing