
Changing passwords from client application

I need to implement an option to change passwords in my application,
which authenticates using MD5. This application however operates over
an unencrypted link, so it'll be a little bit of a challenge.

I've come up with several possible implementations.

--------------------------------------------------------

Implementation I

1. A user selects "change password" option.

2. Ask a user for an old password, new password, and new password
confirmation.

3. Connect to a database (this would be a second connection) using
provided old password.

4. Invoke
	"select change_password(new_password_hash)"
where
	new_password_hash=PQencryptPassword(new_password, username)
and change_password(text) is a volatile, security definer, owned by
superuser, which will just do
		alter role session_user encrypted password $1;

This has two drawbacks:

- it needs another connection to a database, so I could not limit
  concurrent connections for a user to 1;

- it will be possible to use, for example, a left-open psql session to
  change the password of the logged-in user without knowledge of the
  previous password.

--------------------------------------------------------

Implementation II

1. and 2. the same.

3. Invoke
	"select change_password(old_password_hash, new_password_hash)"
where
	new_password_hash=PQencryptPassword(new_password, username)
	old_password_hash=PQencryptPassword(old_password, username)
Again change_password(text) is a volatile, security definer function
owned by superuser, which checks if
	pg_authid.rolpassword=$1 where rolname=session_user
and then
	alter role session_user encrypted password $2;

This time there is another problem - if anybody sniffs this
connection while the password is being changed, then he will be able
to use this new_password_hash to change the password if he has a
left-open psql session.

--------------------------------------------------------

So do you have an idea how to securely change a logged-in user's
password over an unencrypted link?

Regards
Tometzky
-- 
...although Eating Honey was a very good thing to do, there was a
moment just before you began to eat it which was better than when you
were...
                                                      Winnie the Pooh
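The function sketched in Implementation II, written out as an added example (this is not code from the original post or from PostgreSQL itself). It assumes a role named app_users that application accounts belong to, a PostgreSQL version that has format() (9.1 or later), and that the function is created by a superuser so the SECURITY DEFINER body may read pg_authid. Both arguments are expected in the form PQencryptPassword() produces (the "md5..." string), as in the post.

```sql
-- Added example: server-side half of Implementation II.
-- Assumes: created by a superuser (so the body can read pg_authid),
-- PostgreSQL >= 9.1 for format(), and a role "app_users" for callers.
CREATE OR REPLACE FUNCTION change_password(old_hash text, new_hash text)
RETURNS void
LANGUAGE plpgsql
SECURITY DEFINER
-- Pin search_path so a caller cannot shadow pg_authid or format().
SET search_path = pg_catalog
AS $$
BEGIN
    -- Reject anything that is not an MD5-style stored hash; an empty or
    -- plaintext value must never reach ALTER ROLE.
    IF new_hash !~ '^md5[0-9a-f]{32}$' OR old_hash !~ '^md5[0-9a-f]{32}$' THEN
        RAISE EXCEPTION 'password hashes must be in md5<32 hex> form';
    END IF;

    -- session_user is the caller, not the function owner, even inside a
    -- SECURITY DEFINER function, so only the caller's own row is checked.
    IF NOT EXISTS (
        SELECT 1
          FROM pg_catalog.pg_authid
         WHERE rolname = session_user
           AND rolpassword = old_hash
    ) THEN
        RAISE EXCEPTION 'old password does not match';
    END IF;

    -- %I quotes the role name as an identifier, %L the hash as a literal,
    -- so neither value can inject additional SQL.
    EXECUTE format('ALTER ROLE %I ENCRYPTED PASSWORD %L',
                   session_user, new_hash);
END;
$$;

-- Only application accounts may call it; PUBLIC gets EXECUTE by default.
REVOKE ALL ON FUNCTION change_password(text, text) FROM PUBLIC;
GRANT EXECUTE ON FUNCTION change_password(text, text) TO app_users;

-- Usage from the client (values are what PQencryptPassword would return):
-- SELECT change_password('md5<old hash>', 'md5<new hash>');
```

The check against pg_authid.rolpassword is what distinguishes this from Implementation I: a session that does not know the old password cannot change it. It does not remove the second problem the post raises, because an MD5 rolpassword is itself a password-equivalent credential, so both hashes must still be kept off the wire in clear.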

