Thread: How to store a password encripted in a user defined table

How to store a password encripted in a user defined table

From

Eugenio Flores

Date:

01 March 2007, 02:37:58

Hello, I wonder if somebody knows how to store passwords in a column that is part of a user defined table.

I've been searching and reading the documentation, but I can't find what I'm looking for. I just get password subjects related to client's connections to the database.

Thanks in advanced for any help you can provide.

Do You Yahoo!? La mejor conexión a Internet y 2GB extra a tu correo por $100 al mes. http://net.yahoo.com.mx

Re: How to store a password encripted in a user defined table

From

"Andrej Ricnik-Bay"

Date:

01 March 2007, 04:21:12

On 3/1/07, Eugenio Flores <eflores767003@yahoo.com.mx> wrote:
> Hello, I wonder if somebody knows how to store passwords in a
> column that is part of a user defined table.
Assuming that your passwords are application specific use
a sha1 or md5 algorithm (depending on how sensitive your data is)
and store that in a varchar or char field.  When the user authenticates
the password gets hashed in the app and compared against the
stored hash.


Cheers,
Andrej

Re: How to store a password encripted in a user defined table

From

Eugenio Flores

Date:

01 March 2007, 07:06:30

Thanks Andrej. But how can I use such algoritms in postgresql? arey they defined in a function that I can call?

Or, do I have to code one of those algorithm to use it in my application?

----- Mensaje original ----
De: Andrej Ricnik-Bay <andrej.groups@gmail.com>
Para: Eugenio Flores <eflores767003@yahoo.com.mx>; PostgreSQL <pgsql-sql@postgresql.org>
Enviado: jueves, 1 de marzo, 2007 0:21:06
Asunto: Re: [SQL] How to store a password encripted in a user defined table

On 3/1/07, Eugenio Flores <eflores767003@yahoo.com.mx> wrote:
> Hello, I wonder if somebody knows how to store passwords in a
> column that is part of a user defined table.
Assuming that your passwords are application specific use
a sha1 or md5 algorithm (depending on how sensitive your data is)
and store that in a varchar or char field.  When the user authenticates
the password gets hashed in the app and compared against the
stored hash.

Cheers,
Andrej

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
       choose an index scan if your joining column's datatypes do not
       match

Do You Yahoo!? La mejor conexión a Internet y 2GB extra a tu correo por $100 al mes. http://net.yahoo.com.mx

Re: How to store a password encripted in a user defined table

From

Shane Ambler

Date:

01 March 2007, 07:39:50

Andrej Ricnik-Bay wrote:
> On 3/1/07, Eugenio Flores <eflores767003@yahoo.com.mx> wrote:
>> Hello, I wonder if somebody knows how to store passwords in a
>> column that is part of a user defined table.
> Assuming that your passwords are application specific use
> a sha1 or md5 algorithm (depending on how sensitive your data is)
> and store that in a varchar or char field.  When the user authenticates
> the password gets hashed in the app and compared against the
> stored hash.
> 

If you want the server to take care of it look at pgcrypto - you will 
find it in the contrib folder of the source distro.

This doesn't give you an encrypted data type (but you could set that up 
if you wish) it will give you functions that you can use. Of course that 
would mean they get sent through the client connection as clear text 
unless you are using an SSL client connection.

-- 

Shane Ambler
pgSQL@Sheeky.Biz

Get Sheeky @ http://Sheeky.Biz

Re: How to store a password encripted in a user defined table

From

John DeSoi

Date:

01 March 2007, 09:25:38

MD5 is built-in to PostgreSQL. It is what PostgreSQL itself uses to  
hash passwords. For example:

select md5('this is my password');
               md5
----------------------------------
210d53992dff432ec1b1a9698af9da16
(1 row)

On Mar 1, 2007, at 6:06 AM, Eugenio Flores wrote:

> Thanks Andrej. But how can I use such algoritms in postgresql? arey  
> they defined in a function that I can call?
>
> Or, do I have to code one of those algorithm to use it in my  
> application?

John DeSoi, Ph.D.
http://pgedit.com/
Power Tools for PostgreSQL

Re: How to store a password encripted in a user definedtable

From

"Bart Degryse"

Date:

01 March 2007, 09:43:00

Maybe a little example

- create a table with two columns: username and password (eg. tbl_users)

- in a secure environment (thus not over the internet) insert records into the table

INSERT INTO tbl_users(username, password) VALUES ('John', md5('johnspassword'))

- make a website with a login page (= a form with two fields: frm_username and frm_password)

- let a javascript md5 function hash the password before sending the form field values to the webserver

that way the password doensn't go over the internet in an unprotected way

- let your webserver (eg with php) compare the received password (= hashed) with the one in tbl_users

select count(*) from tbl_users where username = [value from frm_username] and password = [value from frm_password]

if the password is ok then count will be 1
- the user has been authenticated and can go on

now you can start a session in your website, etc etc
if count was 0 you should resent the login form with a notice "wrong password"

>>> John DeSoi <desoi@pgedit.com> 2007-03-01 14:25 >>>
MD5 is built-in to PostgreSQL. It is what PostgreSQL itself uses to
hash passwords. For example:

select md5('this is my password');

                md5
----------------------------------
210d53992dff432ec1b1a9698af9da16
(1 row)

On Mar 1, 2007, at 6:06 AM, Eugenio Flores wrote:

> Thanks Andrej. But how can I use such algoritms in postgresql? arey
> they defined in a function that I can call?
>
> Or, do I have to code one of those algorithm to use it in my
> application?

John DeSoi, Ph.D.
http://pgedit.com/
Power Tools for PostgreSQL

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
       choose an index scan if your joining column's datatypes do not
       match

Re: How to store a password encripted in a user defined table

From

"Ezequias Rodrigues da Rocha"

Date:

01 March 2007, 10:08:24

John,

That was what I was looking for for a long time.

Now I will change my teller password account to md5.

Could someone suggest me how to change all passwords (PLAIN) to md5 ?

My real best regards
Ezequias

2007/3/1, John DeSoi <desoi@pgedit.com>:
> MD5 is built-in to PostgreSQL. It is what PostgreSQL itself uses to
> hash passwords. For example:
>
> select md5('this is my password');
>
>                 md5
> ----------------------------------
> 210d53992dff432ec1b1a9698af9da16
> (1 row)
>
>
>
> On Mar 1, 2007, at 6:06 AM, Eugenio Flores wrote:
>
> > Thanks Andrej. But how can I use such algoritms in postgresql? arey
> > they defined in a function that I can call?
> >
> > Or, do I have to code one of those algorithm to use it in my
> > application?
>
>
>
> John DeSoi, Ph.D.
> http://pgedit.com/
> Power Tools for PostgreSQL
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 9: In versions below 8.0, the planner will ignore your desire to
>        choose an index scan if your joining column's datatypes do not
>        match
>


-- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=                                 Atenciosamente
(Sincerely)                      Ezequias Rodrigues da
Rocha=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
A pior das democracias ainda é melhor do que a melhor das ditaduras
The worst of democracies is still better than the better of dictatorships
http://ezequiasrocha.blogspot.com/

Re: How to store a password encripted in a user definedtable

From

"Bart Degryse"

Date:

01 March 2007, 10:45:07

update yourtable set passwordfield = md5(passwordfield)

watch out: md5 is irreversable! you can't "un_md5"

>>> "Ezequias Rodrigues da Rocha" <ezequias.rocha@gmail.com> 2007-03-01 15:08 >>>
John,

That was what I was looking for for a long time.

Now I will change my teller password account to md5.

Could someone suggest me how to change all passwords (PLAIN) to md5 ?

My real best regards
Ezequias

2007/3/1, John DeSoi <desoi@pgedit.com>:
> MD5 is built-in to PostgreSQL. It is what PostgreSQL itself uses to
> hash passwords. For example:
>
> select md5('this is my password');
>
>                 md5
> ----------------------------------
> 210d53992dff432ec1b1a9698af9da16
> (1 row)
>
>
>
> On Mar 1, 2007, at 6:06 AM, Eugenio Flores wrote:
>
> > Thanks Andrej. But how can I use such algoritms in postgresql? arey
> > they defined in a function that I can call?
> >
> > Or, do I have to code one of those algorithm to use it in my
> > application?
>
>
>
> John DeSoi, Ph.D.
> http://pgedit.com/
> Power Tools for PostgreSQL
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 9: In versions below 8.0, the planner will ignore your desire to
>        choose an index scan if your joining column's datatypes do not
>        match
>

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
                                  Atencio samente (Sincerely)
                        Ezequias Rodrigues da Rocha
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
A pior das democracias ainda é melhor do que a melhor das ditaduras
The worst of democracies is still better than the better of dictatorships
http://ezequiasrocha.blogspot.com/

---------------------------(end of broadcast)---------------------------
TIP 6: explain analyze is your friend

Re: How to store a password encripted in a user definedtable

From

"Ezequias Rodrigues da Rocha"

Date:

01 March 2007, 10:58:12

I know it. Thank you so much.

Ezequias
Grettings from Brazil.

2007/3/1, Bart Degryse <Bart.Degryse@indicator.be>:
>
>
> update yourtable set passwordfield = md5(passwordfield)
>
> watch out: md5 is irreversable! you can't "un_md5"
>
>
> >>> "Ezequias Rodrigues da Rocha" <ezequias.rocha@gmail.com> 2007-03-01
> 15:08 >>>
>
> John,
>
> That was what I was looking for for a long time.
>
> Now I will change my teller password account to md5.
>
> Could someone suggest me how to change all passwords (PLAIN) to md5 ?
>
> My real best regards
> Ezequias
>
> 2007/3/1, John DeSoi <desoi@pgedit.com>:
> > MD5 is built-in to PostgreSQL. It is what PostgreSQL itself uses to
> > hash passwords. For example:
> >
> > select md5('this is my password');
> >
> >                 md5
> > ----------------------------------
> > 210d53992dff432ec1b1a9698af9da16
> > (1 row)
> >
> >
> >
> > On Mar 1, 2007, at 6:06 AM, Eugenio Flores wrote:
> >
> > > Thanks Andrej. But how can I use such algoritms in postgresql? arey
> > > they defined in a function that I can call?
> > >
> > > Or, do I have to code one of those algorithm to use it in my
> > > application?
> >
> >
> >
> > John DeSoi, Ph.D.
> > http://pgedit.com/
> > Power Tools for PostgreSQL
> >
> >
> > ---------------------------(end of
> broadcast)---------------------------
> > TIP 9: In versions below 8.0, the planner will ignore your desire to
> >        choose an index scan if your joining column's datatypes do not
> >        match
> >

Re: How to store a password encripted in a user definedtable

From

"Ezequias Rodrigues da Rocha"

Date:

01 March 2007, 11:02:37

Just another thing.

Why md5 function return a different string from user role of postgresql ?

It allways put an md5 string concated with another sequence of string.

Why does it occurs ?
Ezequias

2007/3/1, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com>:
> I know it. Thank you so much.
>
> Ezequias
> Grettings from Brazil.
>
> 2007/3/1, Bart Degryse <Bart.Degryse@indicator.be>:
> >
> >
> > update yourtable set passwordfield = md5(passwordfield)
> >
> > watch out: md5 is irreversable! you can't "un_md5"
> >
> >
> > >>> "Ezequias Rodrigues da Rocha" <ezequias.rocha@gmail.com> 2007-03-01
> > 15:08 >>>
> >
> > John,
> >
> > That was what I was looking for for a long time.
> >
> > Now I will change my teller password account to md5.
> >
> > Could someone suggest me how to change all passwords (PLAIN) to md5 ?
> >
> > My real best regards
> > Ezequias
> >
> > 2007/3/1, John DeSoi <desoi@pgedit.com>:
> > > MD5 is built-in to PostgreSQL. It is what PostgreSQL itself uses to
> > > hash passwords. For example:
> > >
> > > select md5('this is my password');
> > >
> > >                 md5
> > > ----------------------------------
> > > 210d53992dff432ec1b1a9698af9da16
> > > (1 row)
> > >
> > >
> > >
> > > On Mar 1, 2007, at 6:06 AM, Eugenio Flores wrote:
> > >
> > > > Thanks Andrej. But how can I use such algoritms in postgresql? arey
> > > > they defined in a function that I can call?
> > > >
> > > > Or, do I have to code one of those algorithm to use it in my
> > > > application?
> > >
> > >
> > >
> > > John DeSoi, Ph.D.
> > > http://pgedit.com/
> > > Power Tools for PostgreSQL
> > >
> > >
> > > ---------------------------(end of
> > broadcast)---------------------------
> > > TIP 9: In versions below 8.0, the planner will ignore your desire to
> > >        choose an index scan if your joining column's datatypes do not
> > >        match
> > >
>


-- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=                                 Atenciosamente
(Sincerely)                      Ezequias Rodrigues da
Rocha=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
A pior das democracias ainda é melhor do que a melhor das ditaduras
The worst of democracies is still better than the better of dictatorships
http://ezequiasrocha.blogspot.com/

Re: How to store a password encripted in a userdefinedtable

From

"Bart Degryse"

Date:

01 March 2007, 11:17:10

It doesn't do that for me. I've tried it on three different databases (of two different versions) as three different users and the result is always the same (as it should be):

select USER, md5('password')

current_user md5
bigdbuser 5f4dcc3b5aa765d61d8327deb882cf99

current_user md5
bigdbsys 5f4dcc3b5aa765d61d8327deb882cf99

current_user md5
logstocksys 5f4dcc3b5aa765d61d8327deb882cf99

Show us some statements.

>>> "Ezequias Rodrigues da Rocha" <ezequias.rocha@gmail.com> 2007-03-01 16:02 >>>
Just another thing.

Why md5 function return a different string from user role of postgresql ?

It allways put an md5 string concated with another sequence of string.

Why does it occurs ?
Ezequias

2007/3/1, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com>:
> I know it. Thank you so much.
>
> Ezequias
> Grettings from Brazil.
>
> 2007/3/1, Bart Degryse <Bart.Degryse@indicator.be>:
> >
> >
> > update yourtable set passwordfield = md5(passwordfield)
> >
> > watch out: md5 is irreversable! you can't "un_md5"
> >
> >
> > >>> "Ezequias Rodrigues da Rocha" <ezequias.rocha@gmail.com> 2007-03-01
> > 15:08 >>>
> >
> > John,
> >
> > That was what I was lo oking for for a long time.
> >
> > Now I will change my teller password account to md5.
> >
> > Could someone suggest me how to change all passwords (PLAIN) to md5 ?
> >
> > My real best regards
> > Ezequias
> >
> > 2007/3/1, John DeSoi <desoi@pgedit.com>:
> > > MD5 is built-in to PostgreSQL. It is what PostgreSQL itself uses to
> > > hash passwords. For example:
> > >
> > > select md5('this is my password');
> > >
> > >                 md5
> > > ----------------------------------
> > > 210d53992dff432ec1b1a9698af9da16
> > > (1 row)
> > >
> > >
> > >
> > > On Mar 1, 2007, at 6:06 AM, Eugenio Flores wrote:
> > >
> > > > Thanks Andre j. But how can I use such algoritms in postgresql? arey
> > > > they defined in a function that I can call?
> > > >
> > > > Or, do I have to code one of those algorithm to use it in my
> > > > application?
> > >
> > >
> > >
> > > John DeSoi, Ph.D.
> > > http://pgedit.com/
> > > Power Tools for PostgreSQL
> > >
> > >
> > > ---------------------------(end of
> > broadcast)---------------------------
> > > TIP 9: In versions below 8.0, the planner will ignore your desire to
> > >        choose an index scan if your joining column's datatypes do not
> > >        match
> > >
>

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =-=-=-=
                                  Atenciosamente (Sincerely)
                        Ezequias Rodrigues da Rocha
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
A pior das democracias ainda é melhor do que a melhor das ditaduras
The worst of democracies is still better than the better of dictatorships
http://ezequiasrocha.blogspot.com/

Re: How to store a password encripted in a userdefinedtable

From

"Ezequias Rodrigues da Rocha"

Date:

01 March 2007, 12:53:38

I am just passing the database owner password (postgresql
autentication) to the statement:

Select md5('the password I have in my mind') and compare with the
password pgAdmin3 shows me.

They are completely different.

Ezequias

2007/3/1, Bart Degryse <Bart.Degryse@indicator.be>:
>
>
> It doesn't do that for me. I've tried it on three different databases (of
> two different versions) as three different users and the result is always
> the same (as it should be):
>
> select USER, md5('password')
>
> current_user    md5
> bigdbuser       5f4dcc3b5aa765d61d8327deb882cf99
>
> current_user    md5
> bigdbsys        5f4dcc3b5aa765d61d8327deb882cf99
>
>
> current_user    md5
> logstocksys     5f4dcc3b5aa765d61d8327deb882cf99
>
> Show us some statements.
>
>
> >>> "Ezequias Rodrigues da Rocha" <ezequias.rocha@gmail.com> 2007-03-01
> 16:02 >>>
>
> Just another thing.
>
> Why md5 function return a different string from user role of postgresql ?
>
> It allways put an md5 string concated with another sequence of string.
>
> Why does it occurs ?
> Ezequias
>
> 2007/3/1, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com>:
> > I know it. Thank you so much.
> >
> > Ezequias
> > Grettings from Brazil.
> >
> > 2007/3/1, Bart Degryse <Bart.Degryse@indicator.be>:
> > >
> > >
> > > update yourtable set passwordfield = md5(passwordfield)
> > >
> > > watch out: md5 is irreversable! you can't "un_md5"
> > >
> > >
> > > >>> "Ezequias Rodrigues da Rocha" <ezequias.rocha@gmail.com> 2007-03-01
> > > 15:08 >>>
> > >
> > > John,
> > >
> > > That was what I was looking for for a long time.
> > >
> > > Now I will change my teller password account to md5.
> > >
> > > Could someone suggest me how to change all passwords (PLAIN) to md5 ?
> > >
> > > My real best regards
> > > Ezequias
> > >
> > > 2007/3/1, John DeSoi <desoi@pgedit.com>:
> > > > MD5 is built-in to PostgreSQL. It is what PostgreSQL itself uses to
> > > > hash passwords. For example:
> > > >
> > > > select md5('this is my password');
> > > >
> > > >                 md5
> > > > ----------------------------------
> > > > 210d53992dff432ec1b1a9698af9da16
> > > > (1 row)
> > > >
> > > >
> > > >
> > > > On Mar 1, 2007, at 6:06 AM, Eugenio Flores wrote:
> > > >
> > > > > Thanks Andrej. But how can I use such algoritms in postgresql? arey
> > > > > they defined in a function that I can call?
> > > > >
> > > > > Or, do I have to code one of those algorithm to use it in my
> > > > > application?
> > > >
> > > >
> > > >
> > > > John DeSoi, Ph.D.
> > > > http://pgedit.com/
> > > > Power Tools for PostgreSQL
> > > >
> > > >
> > > > ---------------------------(end of
> > > broadcast)---------------------------
> > > > TIP 9: In versions below 8.0, the planner will ignore your desire to
> > > >        choose an index scan if your joining column's datatypes do not
> > > >        match
> > > >
> >
>
>
> --
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>                                   Atenciosamente
> (Sincerely)
>                         Ezequias Rodrigues da Rocha
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> A pior das democracias ainda é melhor do que a melhor das ditaduras
> The worst of democracies is still better than the better of dictatorships
> http://ezequiasrocha.blogspot.com/
>


-- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=                                 Atenciosamente
(Sincerely)                      Ezequias Rodrigues da
Rocha=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
A pior das democracias ainda é melhor do que a melhor das ditaduras
The worst of democracies is still better than the better of dictatorships
http://ezequiasrocha.blogspot.com/

Re: How to store a password encripted in a userdefinedtable

From

Shane Ambler

Date:

01 March 2007, 13:14:49

Ezequias Rodrigues da Rocha wrote:
> I am just passing the database owner password (postgresql
> autentication) to the statement:
> 
> Select md5('the password I have in my mind') and compare with the
> password pgAdmin3 shows me.
> 
> They are completely different.

Try SELECT 'md5'||md5('the password I have in my mind'||'userlogin');

> Ezequias
> 
> 2007/3/1, Bart Degryse <Bart.Degryse@indicator.be>:
>>
>>
>> It doesn't do that for me. I've tried it on three different databases (of
>> two different versions) as three different users and the result is always
>> the same (as it should be):
>>
>> select USER, md5('password')
>>
>> current_user    md5
>> bigdbuser       5f4dcc3b5aa765d61d8327deb882cf99
>>
>> current_user    md5
>> bigdbsys        5f4dcc3b5aa765d61d8327deb882cf99
>>
>>
>> current_user    md5
>> logstocksys     5f4dcc3b5aa765d61d8327deb882cf99
>>
>> Show us some statements.
>>
>>
>> >>> "Ezequias Rodrigues da Rocha" <ezequias.rocha@gmail.com> 2007-03-01
>> 16:02 >>>
>>
>> Just another thing.
>>
>> Why md5 function return a different string from user role of postgresql ?
>>
>> It allways put an md5 string concated with another sequence of string.
>>
>> Why does it occurs ?
>> Ezequias
>>
>> 2007/3/1, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com>:
>> > I know it. Thank you so much.
>> >
>> > Ezequias
>> > Grettings from Brazil.
>> >
>> > 2007/3/1, Bart Degryse <Bart.Degryse@indicator.be>:
>> > >
>> > >
>> > > update yourtable set passwordfield = md5(passwordfield)
>> > >
>> > > watch out: md5 is irreversable! you can't "un_md5"
>> > >
>> > >
>> > > >>> "Ezequias Rodrigues da Rocha" <ezequias.rocha@gmail.com> 
>> 2007-03-01
>> > > 15:08 >>>
>> > >
>> > > John,
>> > >
>> > > That was what I was looking for for a long time.
>> > >
>> > > Now I will change my teller password account to md5.
>> > >
>> > > Could someone suggest me how to change all passwords (PLAIN) to md5 ?
>> > >
>> > > My real best regards
>> > > Ezequias
>> > >
>> > > 2007/3/1, John DeSoi <desoi@pgedit.com>:
>> > > > MD5 is built-in to PostgreSQL. It is what PostgreSQL itself uses to
>> > > > hash passwords. For example:
>> > > >
>> > > > select md5('this is my password');
>> > > >
>> > > >                 md5
>> > > > ----------------------------------
>> > > > 210d53992dff432ec1b1a9698af9da16
>> > > > (1 row)
>> > > >
>> > > >
>> > > >
>> > > > On Mar 1, 2007, at 6:06 AM, Eugenio Flores wrote:
>> > > >
>> > > > > Thanks Andrej. But how can I use such algoritms in postgresql? 
>> arey
>> > > > > they defined in a function that I can call?
>> > > > >
>> > > > > Or, do I have to code one of those algorithm to use it in my
>> > > > > application?
>> > > >
>> > > >
>> > > >
>> > > > John DeSoi, Ph.D.
>> > > > http://pgedit.com/
>> > > > Power Tools for PostgreSQL
>> > > >
>> > > >
>> > > > ---------------------------(end of
>> > > broadcast)---------------------------
>> > > > TIP 9: In versions below 8.0, the planner will ignore your 
>> desire to
>> > > >        choose an index scan if your joining column's datatypes 
>> do not
>> > > >        match
>> > > >
>> >
>>
>>
>> -- 
>> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>>                                   Atenciosamente
>> (Sincerely)
>>                         Ezequias Rodrigues da Rocha
>> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>> A pior das democracias ainda é melhor do que a melhor das ditaduras
>> The worst of democracies is still better than the better of dictatorships
>> http://ezequiasrocha.blogspot.com/
>>
> 
> 


-- 

Shane Ambler
pgSQL@Sheeky.Biz

Get Sheeky @ http://Sheeky.Biz

Re: How to store a password encripted in a userdefinedtable

From

Adrian Klaver

Date:

01 March 2007, 13:18:30

On Thursday 01 March 2007 8:53 am, Ezequias Rodrigues da Rocha wrote:
> I am just passing the database owner password (postgresql
> autentication) to the statement:
>
> Select md5('the password I have in my mind') and compare with the
> password pgAdmin3 shows me.
>
> They are completely different.
>
> Ezequias
>
<Snip>
Try select md5('password'||'user')
The generated hash is a combination of the password and the user name.
-- 
Adrian Klaver
aklaver@comcast.net

Re: How to store a password encripted in a userdefinedtable

From

"Ezequias Rodrigues da Rocha"

Date:

01 March 2007, 14:02:28

Perfect ! That's it.

Another information I doesn't have. Great to be part of this list.

Thank you
Adrian


2007/3/1, Adrian Klaver <aklaver@comcast.net>:
> On Thursday 01 March 2007 8:53 am, Ezequias Rodrigues da Rocha wrote:
> > I am just passing the database owner password (postgresql
> > autentication) to the statement:
> >
> > Select md5('the password I have in my mind') and compare with the
> > password pgAdmin3 shows me.
> >
> > They are completely different.
> >
> > Ezequias
> >
> <Snip>
> Try select md5('password'||'user')
> The generated hash is a combination of the password and the user name.
> --
> Adrian Klaver
> aklaver@comcast.net
>


-- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=                                 Atenciosamente
(Sincerely)                      Ezequias Rodrigues da
Rocha=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
A pior das democracias ainda é melhor do que a melhor das ditaduras
The worst of democracies is still better than the better of dictatorships
http://ezequiasrocha.blogspot.com/

Re: How to store a password encripted in a user defined table

From

Eugenio Flores

Date:

01 March 2007, 15:49:44

Thanks for your anwers. They have been very useful.

Thanks again.

----- Mensaje original ----
De: John DeSoi <desoi@pgedit.com>
Para: Eugenio Flores <eflores767003@yahoo.com.mx>
CC: Andrej Ricnik-Bay <andrej.groups@gmail.com>; PostgreSQL <pgsql-sql@postgresql.org>
Enviado: jueves, 1 de marzo, 2007 5:25:28
Asunto: Re: [SQL] How to store a password encripted in a user defined table

MD5 is built-in to PostgreSQL. It is what PostgreSQL itself uses to
hash passwords. For example:

select md5('this is my password');

                md5
----------------------------------
210d53992dff432ec1b1a9698af9da16
(1 row)

On Mar 1, 2007, at 6:06 AM, Eugenio Flores wrote:

> Thanks Andrej. But how can I use such algoritms in postgresql? arey
> they defined in a function that I can call?
>
> Or, do I have to code one of those algorithm to use it in my
> application?

John DeSoi, Ph.D.
http://pgedit.com/
Power Tools for PostgreSQL

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
       choose an index scan if your joining column's datatypes do not
       match

Do You Yahoo!? La mejor conexión a Internet y 2GB extra a tu correo por $100 al mes. http://net.yahoo.com.mx