On 2011-01-11, =?utf-8?Q?Nicol=C3=A1s_Garfinkiel?= <nicolas.garfinkiel@xxxxxxxxx> wrote: > Violence aside, thanks for your answer. The C module is what I was > planning to do, but was not sure if there is another way. Of course > using crypt would be the right thing to do, but I cannot afford it, as > users from our system can barely remember their password, let alone > collect them and recreate them! Of course I could reset their pwds, > but that's gonna be a hard sell to my boss. Use a password logger to ease the trasition away from that old function. Modify your application to collect new-style password hashes (created using crypt() for example) when it calculates an old-style hash and update the user record with the new hash (in a new column). In 6 months time you'll have new hashes for everyone who uses the application semi-regularly, the few that were missed by this should be able to be resolved by your support team. or just send them an email asking them to log into the application to confirm their user account. -- ââ 100% natural -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
