Home > mailing lists

Re: Passwords - Mailing list pgsql-hackers

From	The Hermit Hacker
Subject	Re: Passwords
Date	May 7, 2000 00:55:11
Msg-id	Pine.BSF.4.21.0005062253210.87721-100000@thelab.hub.org Whole thread Raw
In response to	Passwords (Bruce Momjian <pgman@candle.pha.pa.us>)
Responses	Re: Passwords (Alex Pilosov <alex@pilosoft.com>) Re: Passwords (Benjamin Adida <ben@mit.edu>) Re: Passwords (Peter Eisentraut <peter_e@gmx.net>)
List	pgsql-hackers

Tree view

On Sat, 6 May 2000, Bruce Momjian wrote:

> Added to TODO:
> 
>     * Encrpyt passwords in pg_shadow table using MD5

Under FreeBSD, if you use crypt() for encrypting, and you are outside of
the 'export restricted area', you auto-get MD5 vs DES ... I think if DES
is available, it should be used over MD5, if we're doing this for security
reasons ...

My *understanding* is that MD5 is a half-way measure that is easier to
break then DES, which is why it isn't under the export restrictions ...

Marc G. Fournier                   ICQ#7615664               IRC Nick: Scrappy
Systems Administrator @ hub.org 
primary: scrappy@hub.org           secondary: scrappy@{freebsd|postgresql}.org

pgsql-hackers by date:

From: "Hiroshi Inoue"
Date: 06 May 2000, 22:50:11
Subject: RE: pg_group_name_index corrupt?

From: Alex Pilosov
Date: 07 May 2000, 01:15:13
Subject: Re: Passwords

Re: Passwords - Mailing list pgsql-hackers

Previous

Next