| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Svenne Krap <svenne(at)krap(dot)dk> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [GENERAL] SHA1 on postgres 8.3 |
| Date: | 2008-04-03 17:16:39 |
| Message-ID: | 47F510F7.5030000@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
Svenne Krap wrote:
>
> If I have a simple table now
>
> ID serial
> Username varchar
> Password varchar
>
> I currently save only md5(id || username || 'password')* into
> password, if I had access to sha1 (for example) i would add another
> password column so, having for example
>
> ID serial
> Username varchar
> Password_md5 varchar
> Password_sha1 varchar
>
> No matter how you see it, I get more bits of hash to check against.
>
Really? Why stop at two, then? How many hash functions is enough?
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Rodrigo E. De León Plicet | 2008-04-03 17:20:46 | Re: Secure "where in(a,b,c)" clause. |
| Previous Message | Steve Atkins | 2008-04-03 17:12:03 | Re: Secure "where in(a,b,c)" clause. |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gregory Stark | 2008-04-03 17:23:09 | Re: COPY Transform support |
| Previous Message | Tom Lane | 2008-04-03 17:09:58 | Re: [HACKERS] ANALYZE getting dead tuple count hopelessly wrong |