Re: User password encryption using a stronger hashing function?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



No one has responded to my questions. I am wondering if anyone can point me to where in postgresql source code I can further look into the issue and explore the possibility of this change?  Thanks.

 

Sent: Thursday, December 15, 2011 4:53 PM
To: pgsql-admin@xxxxxxxxxxxxxx
Subject: User password encryption using a stronger hashing function?

 

By default, postgresql encrypts user passwords using the MD5 hashing function. They can be seen as "md5....." in the rolpassword column of the pg_authid table. Is there a mechanism that allows us to change this default behavior such that postgresql can encrypt the passwords stored in the pg_authid table using a stronger hashing function such as SHA1?

 

Postgresql conf file has a property "ssl_ciphers" in which you can specify a list of ciphers. But they are only used on ssl connections and have no impact on the ciphers used in user password encryption. Is this correct?


[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux