On 8 September 2010 00:26, Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> Thom Brown wrote:
>> > It is documented here:
>> >     http://www.postgresql.org/docs/9.0/static/encryption-options.html
>> >     17.7. Encryption Options
>> >     Encrypting Passwords Across A Network
>> >         The MD5 authentication method double-encrypts the password on the
>> >     client before sending it to the server. It first MD5-encrypts it based
>> >     on the user name, and then encrypts it based on a random salt sent by
>> >     the server when the database connection was made. It is this
>> >     double-encrypted value that is sent over the network to the server.
>> >     Double-encryption not only prevents the password from being discovered,
>> >     it also prevents another connection from using the same encrypted
>> >     password to connect to the database server at a later time.
>> The difference with that is that it's talking about how passwords are
>> protected by a form of encryption when sent across a connection rather
>> than how they're stored in a database.
> Yes, you are right. Should this be documented? Where?
Whether it needs documenting, I'm not sure, but if it were to go
anywhere, I believe it would be here:
IRC (freenode): dark_ixion
Registered Linux user: #516935