Thread: Urgent Help
: Hello Sir, I am new to PostGreSQL. I have problem in encrypt/decrypt of password field, can you please help me out in how to solve this. I went through the pgcrypto.sql file under contrib folder but it was of no help to me. It will be of very helpfull if you send me some examples codes for insert statements and select statements for encrypt/decrypt. This is very urgent. Thanks Shreehari S SPAN Systems Corporation, Bangalore. "Steering Progress, Together" =================================================== This email message and any attachments is confidential and intended only for the use of an individual or entity named above and may contain information that is privileged, confidential or exempt from disclosure under applicable law. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited.If you have received this email in error, please notify us immediately by return email or itsupport@spanservices.com and destroy the original message. Opinions, conclusions, and other information in this message that do not relate to the official business of SPAN, shall be understood to be neither given nor endorsed by SPAN
On Fri, May 26, 2006 7:47 am, Shreehari S said: > Hello Sir, > > I am new to PostGreSQL. I have problem in encrypt/decrypt of password > field, can you please help me out in how to solve this. > > I went through the pgcrypto.sql file under contrib folder but it was of > no help to me. > > It will be of very helpfull if you send me some examples codes for insert > statements and select statements for encrypt/decrypt. > > This is very urgent. Just noticing that no one appears to have replied. In general, Postgres does not have a 'password' record type. Passwords are normally (in my experience) stored in text fields, after being *hashed*, not encrypted. The hashing is a detail of the application that is storing data in Postgres, but it is common to use MD5 or SHA hashes. The advantage, or disadvantage, of hashing over encrypting is that it is not possible to get the password from the hash. To compare a password to the stored version, you hash the password and compare the hashes. (Hashing is also much faster than encrypting.) Inserts and selects are therefore exactly the same as for any other record type. Any difference is in what you do before and afterwords. Daniel T. Staal --------------------------------------------------------------- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. ---------------------------------------------------------------
> Hello Sir, > > I am new to PostGreSQL. I have problem in > encrypt/decrypt of password field, > can you please help me out in > how to solve this. > > I went through the pgcrypto.sql file under contrib > folder but it was of no > help to me. > > It will be of very helpfull if you send me some > examples codes for insert > statements and select statements > for encrypt/decrypt. > > This is very urgent. > > Thanks > Shreehari S > SPAN Systems Corporation, Bangalore. > "Steering Progress, Together" Shreehari, here is a PHP tutorial discussing salting and hashing. http://phpsec.org/articles/2005/password-hashing.html if you use a different programming language, you can take the principles and apply them to your language. best of luck. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com