Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords
Date
Msg-id 16115.1114100027@sss.pgh.pa.us
Whole thread Raw
In response to Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords  (Stephen Frost <sfrost@snowman.net>)
Responses Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords  (Stephen Frost <sfrost@snowman.net>)
List pgsql-hackers
Stephen Frost <sfrost@snowman.net> writes:
> I'd also like to point out that this is *only* an issue for the 'md5'
> authentication mechanism in pg_hba.conf, which I think should be=20
> discouraged in favor of 'password' and SSL/IPSEC.

This is still utter nonsense.  How can md5 be less secure than storing
your password in the clear?

Whether you want the extra security of IPSEC is an orthogonal discussion
really; if your connection goes over an insecure network then you most
likely need it in order to hide your data, never mind your password.
        regards, tom lane


pgsql-hackers by date:

Previous
From: Stephen Frost
Date:
Subject: Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords
Next
From: "Joshua D. Drake"
Date:
Subject: Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords