Home > mailing lists

User password encryption using a stronger hashing function? - Mailing list pgsql-admin

From	Liu, Jianli (Jianli)
Subject	User password encryption using a stronger hashing function?
Date	December 15, 2011 21:53:37
Msg-id	47AB18AC0F23934383F2BBA7EE3D8D742281BB698C@DC-US1MBEX4.global.avaya.com Whole thread Raw
Responses	Re: User password encryption using a stronger hashing function? ("Liu, Jianli (Jianli)" <jlliu@avaya.com>)
List	pgsql-admin

Tree view

By default, postgresql encrypts user passwords using the MD5 hashing function. They can be seen as "md5....." in the rolpassword column of the pg_authid table. Is there a mechanism that allows us to change this default behavior such that postgresql can encrypt the passwords stored in the pg_authid table using a stronger hashing function such as SHA1?

Postgresql conf file has a property "ssl_ciphers" in which you can specify a list of ciphers. But they are only used on ssl connections and have no impact on the ciphers used in user password encryption. Is this correct?

pgsql-admin by date:

From: Khusro Jaleel
Date: 15 December 2011, 17:02:21
Subject: Issues with log-shipping replication

From: Rural Hunter
Date: 15 December 2011, 23:55:59
Subject: Re: Issues with log-shipping replication

User password encryption using a stronger hashing function? - Mailing list pgsql-admin

Previous

Next