Sam Mason wrote:
> On Thu, Apr 03, 2008 at 07:07:56PM +0200, Svenne Krap wrote:
>>
>> ID serial
>> Username varchar
>> Password_md5 varchar
>> Password_sha1 varchar
> ...
> Why not just use SHA-512, you get many more quality bits that way.
Or if he just wanted to use builtin tools and reduce accidental
collisions almost exactly the same much as he propopses, he could use
password_md5_with_salt_xxx varchar password_md5_with_salt_yyy varchar
but I also can't see the point. Won't he have more
collisions from cosmic rays turning the results of his comparisons
from false to true anyway?
>> I would drop md5 totally and use sha1 and ripemd-160 if possible.. but
>> currently i use only md5 as it is the only available one.. Loading
>> pgcrypto is overkill for something as simple as hash-functions.
>
> Sounds like a good reason for moving the current md5 function out into
> pgcrypto as well! :)
I'd rephrase it as saying "a good reason for making it less
intimidating to install modules". +1 to all the approaches
that make this less scary.
For Perl Digest-SHA1's in CPAN http://search.cpan.org/dist/Digest-SHA1/