> -----Original Message-----
> From: Christopher Kings-Lynne [mailto:chriskl@familyhealth.com.au]
> Sent: 18 November 2003 01:19
> To: Dave Page
> Cc: Andreas Pflug; Michiel Lange; pgadmin-support@postgresql.org
> Subject: Re: [pgadmin-support] bug in pgadmin III
>
>
> >>If you know how to encrypt the password, we certainly could
> supply the
> >>option to enter it that way...
> >
> >
> > It's just an md5 hash prefixed with 'md5' isn't it?
>
> ???
>
> Don't you just go ALTER USER blah ENCRYPTED PASSWORD 'asdf';
>
> And postgres itself will encrypt it for you.
Yeah, but the idea is to encrypt client-side to prevent sending
passwords over the wire in cleartext. The can be loaded from a dump
pre-hashed, so why can't we set them that way for a little extra
security?
> Your SQL view should show whatever PostgreSQL's pg_dump shows I think.
Agreed. Normally, I would hope that is a hash...
Regards, Dave
