Skip site navigation (1) Skip section navigation (2)

MD5 passwords

From: Andre Majorel <aym-2lqsgp(at)teaser(dot)fr>
To: pgsql-docs(at)postgresql(dot)org
Subject: MD5 passwords
Date: 2010-07-08 10:46:22
Message-ID: 20100708104622.GA2132@aym.net2.nerim.net (view raw or flat)
Thread:
Lists: pgsql-docs
The doc says « if you are at all concerned about password
"sniffing" attacks then md5 is preferred. » but does not say why.
It would seem that an MD5 hash can be sniffed and replayed just as
well as a clear-text password.

Maybe the doc needs to explain why "md5" is more secure than
"password". Or, if it isn't, say so.

-- 
André Majorel http://www.teaser.fr/~amajorel/

Responses

pgsql-docs by date

Next:From: Thom BrownDate: 2010-07-08 13:05:07
Subject: Re: MD5 passwords
Previous:From: Satoshi NagayasuDate: 2010-07-08 09:50:51
Subject: Re: ECPG Documentation Improvement

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group