Re: Authenticate with hash instead of plaintext password? - Mailing list pgsql-general

From Tom Lane
Subject Re: Authenticate with hash instead of plaintext password?
Date
Msg-id 17605.1355682629@sss.pgh.pa.us
Whole thread Raw
In response to Re: Authenticate with hash instead of plaintext password?  (Peter Bex <Peter.Bex@xs4all.nl>)
Responses Re: Authenticate with hash instead of plaintext password?
List pgsql-general
Peter Bex <Peter.Bex@xs4all.nl> writes:
> On Sun, Dec 16, 2012 at 12:51:08PM -0500, Tom Lane wrote:
>> Right, they can break into *this account*.

> Not *just* this one, but any account on any service that uses this
> same algorithm.

That's easily fixed.  I'd be inclined to make the "password" hash be a
hash of the actual password plus the user's name plus some
web-site-specific random salt string.  All of these should be readily
available anytime you need to compute the hash, and the inclusion of the
latter two components will make it difficult to use precomputed rainbow
tables to extract the actual password.  With a little more work, he
could also have a per-user random salt added to the hash input --- but
that would require an additional lookup step during login.

            regards, tom lane


pgsql-general by date:

Previous
From: Tom Lane
Date:
Subject: Re: Default timezone changes in 9.1
Next
From: Murray Cumming
Date:
Subject: Re: Authenticate with hash instead of plaintext password?