| From: | "Dave Page" <dpage(at)vale-housing(dot)co(dot)uk> |
|---|---|
| To: | "Christopher Kings-Lynne" <chriskl(at)familyhealth(dot)com(dot)au> |
| Cc: | "Andreas Pflug" <pgadmin(at)pse-consulting(dot)de>, "Michiel Lange" <Michiel_Lange(at)actuera(dot)com>, <pgadmin-support(at)postgresql(dot)org> |
| Subject: | Re: bug in pgadmin III |
| Date: | 2003-11-18 08:04:29 |
| Message-ID: | 03AF4E498C591348A42FC93DEA9661B871FFF8@mail.vale-housing.co.uk |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-support |
> -----Original Message-----
> From: Christopher Kings-Lynne [mailto:chriskl(at)familyhealth(dot)com(dot)au]
> Sent: 18 November 2003 01:19
> To: Dave Page
> Cc: Andreas Pflug; Michiel Lange; pgadmin-support(at)postgresql(dot)org
> Subject: Re: [pgadmin-support] bug in pgadmin III
>
>
> >>If you know how to encrypt the password, we certainly could
> supply the
> >>option to enter it that way...
> >
> >
> > It's just an md5 hash prefixed with 'md5' isn't it?
>
> ???
>
> Don't you just go ALTER USER blah ENCRYPTED PASSWORD 'asdf';
>
> And postgres itself will encrypt it for you.
Yeah, but the idea is to encrypt client-side to prevent sending
passwords over the wire in cleartext. The can be loaded from a dump
pre-hashed, so why can't we set them that way for a little extra
security?
> Your SQL view should show whatever PostgreSQL's pg_dump shows I think.
Agreed. Normally, I would hope that is a hash...
Regards, Dave
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2003-11-18 08:06:05 | Re: pgAdmin bug? creating functions |
| Previous Message | Christopher Kings-Lynne | 2003-11-18 01:19:26 | Re: bug in pgadmin III |