Skip site navigation (1) Skip section navigation (2)

How To Change Password Hash Algorithm From MD5 to SHA-256

From: "ROMAIN, ERICKA W CTR DISA PEO-MA" <ericka(dot)romain(dot)ctr(at)disa(dot)mil>
To: <pgsql-admin(at)postgresql(dot)org>
Subject: How To Change Password Hash Algorithm From MD5 to SHA-256
Date: 2012-06-07 15:12:38
Message-ID: AD80C80C6003164DBA3838060C38E2290291B49C@DUMFDPEXMB04.disanet.disa-u.mil (view raw or flat)
Thread:
Lists: pgsql-admin
I am trying to get Postgres to use SHA as the password hash algorithm instead of MD5. This is a security requirement. I am running PostgreSQL 8.4 on a Red Hat Linux platform. I have installed pgcrypto and ran pgcrypto.sql. I also created a function SHA-256. The function looks like:

CREATE OR REPLACE FUNCTION sha256(bytea) returns text AS $$
      SELECT encode(digest($1, 'sha256'), 'hex')
    $$ LANGUAGE SQL STRICT IMMUTABLE;

I then created a new user. Then I queried pg_shadow and the encrypted password still has md5 at the beginning of the hash. How do I get postgres to use SHA-256?

Any help would be greatly appreciated.


Ericka Romain

Responses

pgsql-admin by date

Next:From: Lonni J FriedmanDate: 2012-06-07 17:41:36
Subject: pg_basebackup blocking all queries with horrible performance
Previous:From: hari.fuchsDate: 2012-06-07 07:47:21
Subject: Re: Can schemas be ordered regarding their creation time ?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group