Home > mailing lists

Re: removal of md5 from example code - Mailing list pgsql-docs

From	Peter Eisentraut
Subject	Re: removal of md5 from example code
Date	January 31, 2018 10:02:04
Msg-id	5dba9c6c-19fe-6095-ff83-d8d9e29d0e93@2ndquadrant.com Whole thread Raw
In response to	removal of md5 from example code (PG Doc comments form <noreply@postgresql.org>)
Responses	Re: removal of md5 from example code (Jon Wolski <jonwolski@gmail.com>)
List	pgsql-docs

Tree view

On 1/17/18 11:14, PG Doc comments form wrote:
> The documentation at
> https://www.postgresql.org/docs/current/static/citext.html shows an example
> using md5 for password hashes. This is generally a bad practice and not
> relevant to the feature documented. 
> 
> I recommend removing the password column from this example or replacing the
> md5 hash with something more secure (a secure hash algorithm with a salt).

We don't have any other hash functions built in and exposed at the SQL
level.  (Maybe that is a problem.)  Do you have any other ideas how to
rewrite that example?

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

pgsql-docs by date:

From: Bruce Momjian
Date: 30 January 2018, 20:36:02
Subject: Re: Need PostgreSQL Key words list

From: PG Doc comments form
Date: 31 January 2018, 17:57:56
Subject: Windows instructions are incomplete

Re: removal of md5 from example code - Mailing list pgsql-docs

Previous

Next