Quick Links

Community
Contributors
Mailing Lists
IRC
Local User Groups
Events
International Sites

MD5 passwords

From:	Andre Majorel <aym-2lqsgp(at)teaser(dot)fr>
To:	pgsql-docs(at)postgresql(dot)org
Subject:	MD5 passwords
Date:	2010-07-08 10:46:22
Message-ID:	20100708104622.GA2132@aym.net2.nerim.net
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-docs

The doc says « if you are at all concerned about password
"sniffing" attacks then md5 is preferred. » but does not say why.
It would seem that an MD5 hash can be sniffed and replayed just as
well as a clear-text password.

Maybe the doc needs to explain why "md5" is more secure than
"password". Or, if it isn't, say so.

--
André Majorel http://www.teaser.fr/~amajorel/

Responses

Re: MD5 passwords at 2010-07-08 13:05:07 from Thom Brown

Browse pgsql-docs by date

	From	Date	Subject
Next Message	Thom Brown	2010-07-08 13:05:07	Re: MD5 passwords
Previous Message	Satoshi Nagayasu	2010-07-08 09:50:51	Re: ECPG Documentation Improvement