Hi
IMHO, you should never store password in clear
If you store the last 5 crypted passwords, then you can make it comparing the new password, crypted, to those 5 strings.
Regards
--
Christophe Doré
Implementation Product Manager
3 rue Marcel Allegot
92190 Meudon, France
+33 1 46 90 21 00 office
+33 6 1379 2910 mobile
CAST, Leader in Automated Application Intelligence
Achieve Insight. Deliver Excellence.
www.castsoftware.com | Gain visibility into application quality to proactively manage risk and improve team performance.
From: akp geek [mailto:akpgeek@gmail.com]
Sent: jeudi 6 mai 2010 20:31
To: pgsql-general
Subject: password management
Dear all -
I am writing function to handle the passwords. Currently the crypt is being used to store the password in the database. what I need to do is, when the user wants to change the password, I need to check if that password is not being used before up to 5 times, If not then then records should be inserted to the database.
The problem where i am running into, when I capture the password that user entered, I can't compare to the one in database , because each time the function crypt gives different one. Is there any way that I can achieve this?
