Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords
| From | David F. Skoll |
|---|---|
| Subject | Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords |
| Date | |
| Msg-id | 4266D9F8.6020405@roaringpenguin.com |
| In reply to | Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Bruce Momjian <pgman@candle.pha.pa.us>) |
| List | pgsql-hackers |
Bruce Momjian wrote:
>> BTW, one could also ask exactly what threat model Stephen is concerned
>> about. ISTM anyone who can obtain the contents of pg_shadow has
>> *already* broken your database security.

> That's what I told him. I think his concern about pre-computed hashes
> is the only real issue, and given 'postgres' is usually the super-user, I
> can see someone pre-computing md5 postgres hashes and doing quick
> comparisons, perhaps as a root kit so you don't have to do the hashing
> yourself. I personally don't find that very compelling either.

The issue is that you should try your best to prevent dictionary attacks,
because often people use the same passwords for different things. I know
they shouldn't, but sometimes they do, so any measures you can take to
make a dictionary attack harder are worth doing, especially when the
random salt is so simple to implement.

--
David.
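The precomputation concern Bruce describes, and the per-user random salt David argues for, side by side as an added example (not code from the thread or from PostgreSQL itself). The first scheme follows the documented pg_shadow md5 format, `'md5' + md5(password || username)`, where the username is the only salt; the second scheme, `salted_hash`, is an assumed alternative with a random per-user salt, written here for illustration. The wordlist and the leaked entries are constructed:

```python
"""Username-as-salt versus random per-user salt against a precomputed table.

Constructed demonstration, not PostgreSQL's own code. pg_md5_hash follows
the pg_shadow md5 format; salted_hash is an assumed alternative scheme.
"""
import hashlib
import os

# Constructed toy dictionary standing in for a real wordlist.
WORDLIST = ["password", "123456", "postgres", "hunter2", "letmein"]


def pg_md5_hash(password: str, username: str) -> str:
    """pg_shadow format: 'md5' followed by hex MD5 of password || username."""
    return "md5" + hashlib.md5((password + username).encode("utf-8")).hexdigest()


def build_table(wordlist, username: str) -> dict:
    """Precompute hash -> password once for a predictable username.

    Because the salt is the username, a single table built for 'postgres'
    matches the superuser entry on every server that uses that name.
    """
    return {pg_md5_hash(pw, username): pw for pw in wordlist}


def crack_with_table(table: dict, stored: str):
    """One dictionary probe, zero hash operations at attack time."""
    return table.get(stored)


def salted_hash(password: str, salt: bytes) -> str:
    """Assumed alternative: random per-user salt stored beside the digest
    as 'salthex$digest'. Not the format PostgreSQL used."""
    digest = hashlib.md5(salt + password.encode("utf-8")).hexdigest()
    return salt.hex() + "$" + digest


def new_salted_entry(password: str) -> str:
    """Create a stored entry with a fresh 8-byte random salt."""
    return salted_hash(password, os.urandom(8))


def crack_salted(wordlist, stored: str):
    """With a random salt the attacker must rehash the dictionary per entry.

    Returns (recovered password or None, number of hash operations spent).
    """
    salt_hex, _ = stored.split("$", 1)
    salt = bytes.fromhex(salt_hex)
    attempts = 0
    for pw in wordlist:
        attempts += 1
        if salted_hash(pw, salt) == stored:
            return pw, attempts
    return None, attempts


if __name__ == "__main__":
    table = build_table(WORDLIST, "postgres")
    leaked = pg_md5_hash("hunter2", "postgres")  # constructed pg_shadow entry
    print("username-salted entry cracked by lookup:", crack_with_table(table, leaked))
    entry = new_salted_entry("hunter2")
    print("random-salted entry via lookup:", crack_with_table(table, entry))
    print("random-salted entry via per-entry work:", crack_salted(WORDLIST, entry))
```

The username salt already separates two users who share a password, so the table built for `postgres` does not crack `alice`'s entry. What it does not do is make the superuser's salt unpredictable, which is exactly what lets a table be built once and reused against any leaked pg_shadow. With the random salt every entry costs a full dictionary pass, which is the cost increase David is after.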