>From the manual: | Because MD5-encrypted passwords use the role name as cryptographic | salt, renaming a role clears its password if the password is | MD5-encrypted. In backend/commands/user.c if (!pg_md5_encrypt(password, stmt->role, strlen(stmt->role), encrypted_password)) elog(ERROR, "password encryption failed"); new_record[Anum_pg_authid_rolpassword - 1] = CStringGetTextDatum(encrypted_password); I don't understand this. Why was the role name chosen as a salt? Apart from the problem that the hash becomes unusable when a role is renamed, roles names are very poor salts. Given how relatively predictable they are, the hash could just as well be left unsalted. There is a comment in libpq/md5.c which more or less acknowleges this: "Place salt at the end because it may be known by users trying to crack the MD5 output." Ignoring for the moment that cracking PG passwords is probably not very common, the position of the salt does little to prevent attacks. A random salt would eliminate both weaknesses. The only explanation I can come up with is that the current method of hashing has been kept for historic reasons, as changing to a random salt would break existing hashes. Or is there something else I've overlooked? regards, stefan PS: Strictly speaking, the expression "MD5-encrypted" in the manual is incorrect - MD5 is a hashing algorithm, not an encryption algorithm. </nitpick> -- LOAD"Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn!",8,1 RUN! -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general