Home > mailing lists

Re: Question on crypt password - Mailing list pgsql-general

From	Neil Conway
Subject	Re: Question on crypt password
Date	May 24, 2002 17:48:25
Msg-id	20020524144429.175b81e3.nconway@klamath.dyndns.org Whole thread Raw
In response to	Question on crypt password (Arindam Haldar <arindamhaldar@hotpop.com>)
Responses	Re: Question on crypt password
List	pgsql-general

Tree view

On Fri, 24 May 2002 12:45:00 +0530
"Arindam Haldar" <arindamhaldar@hotpop.com> wrote:
> hi,
> i want to authenticate web users from postgrsql for which i created a
> table having,among others, username & password... is there any data
> types where password can be stored encrypted ?.. at present am vsing
> varchar(16) but i c one (administrator) can  read the password. i didnt
> find any data type specifying encrypted type !...

Use contrib/pgcrypto, store the hashed version of the password (say,
using SHA1). When you want to check if the correct password is used,
hash the string the user entered and compare it to the stored version.

Cheers,

Neil

--
Neil Conway <neilconway@rogers.com>
PGP Key ID: DB3C29FC

pgsql-general by date:

From: Neil Conway
Date: 24 May 2002, 17:42:59
Subject: Re: Using the EXPLAIN results

From: Tom Lane
Date: 24 May 2002, 17:48:46
Subject: Re: Case Insensitive Data Type

Re: Question on crypt password - Mailing list pgsql-general

Previous

Next