Home > mailing lists

Re: Password-based Authentication - Mailing list pgsql-novice

From	Albe Laurenz
Subject	Re: Password-based Authentication
Date	May 19, 2014 12:20:41
Msg-id	A737B7A37273E048B164557ADEF4A58B17CFAC82@ntex2010i.host.magwien.gv.at Whole thread Raw
In response to	Password-based Authentication (Scott Arciszewski <scott@arciszewski.me>)
List	pgsql-novice

Tree view

Scott Arciszewski wrote:
> I was reading this documentation page:
> http://www.postgresql.org/docs/9.3/static/auth-methods.html#AUTH-PASSWORD
> http://www.postgresql.org/docs/devel/static/auth-methods.html#AUTH-PASSWORD
> 
> ... and I noticed that the only password hashing option available in pgsql for authentication purposes
> is md5.
> 
> Is there any way to use something more reliable (bcrypt, scrypt, pbkdf2, or eventually any of the
> hashing schemes selected by the PHC https://password-hashing.net )?

Not yet, although there have been discussions on the development list.

Maybe you can resort to different authentication techniques where the password
is not stored in PostgreSQL at all.

Yours,
Laurenz Albe

pgsql-novice by date:

From: David G Johnston
Date: 17 May 2014, 22:51:16
Subject: Re: CONCAT function equivalent

From: Eng Sameer
Date: 27 May 2014, 12:43:55
Subject: FW: Security

Re: Password-based Authentication - Mailing list pgsql-novice

Previous

Next