Re: libpq: passwords WAS: scripting & psql issues
От | Oliver Elphick |
---|---|
Тема | Re: libpq: passwords WAS: scripting & psql issues |
Дата | |
Msg-id | 1092910460.19932.41.camel@braydb обсуждение исходный текст |
Ответ на | libpq: passwords WAS: scripting & psql issues (Daniel Martini <dmartini@uni-hohenheim.de>) |
Ответы |
Re: libpq: passwords WAS: scripting & psql issues
|
Список | pgsql-general |
On Thu, 2004-08-19 at 08:30, Daniel Martini wrote: > Hello list, > > Citing Alvaro Herrera <alvherre@dcc.uchile.cl>: > > The problem here is that the password can't be stored one-way-hash > > digested, because the cleartext version is needed to be sent to the > > server. > > Actually why this is so has been a question for me for some time now, too. > Did just nobody have the time / idea to implement support for sending > hashed passwords to the server, or are there serious difficulties involved > with this, and I don't see them? As far as I am aware, crypt and md5 passwords are not sent in cleartext form. password passwords (?!) are sent clear, but their use is deprecated. I think the password can't be stored hash-digested because it has to be encrypted with a salt established at runtime. If you could just send the same hash-digested password over and over, it would be no more secure than a plaintext one. Oliver Elphick
В списке pgsql-general по дате отправления: