Skip site navigation (1) Skip section navigation (2)

Re: client authentication - password encryption

From: "Josh Tolley" <eggyknap(at)gmail(dot)com>
To: "G(dot) J(dot) Walsh" <gjwalsh(at)dscdirectionalservices(dot)com>
Cc: pgsql-novice(at)postgresql(dot)org
Subject: Re: client authentication - password encryption
Date: 2007-11-08 14:15:42
Message-ID: e7e0a2570711080615u7326550foa932ceb4e9909e39@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-novice
On Nov 7, 2007 3:05 PM, G. J. Walsh <gjwalsh(at)dscdirectionalservices(dot)com> wrote:
> In my application, a client will complete a  fairly involved
> registration form containing more personal information than usual. The
> form content will be encrypted (https) and will contain the client's
> choice of password.
>
> Previously, under MySQL, I used 2-way encryption, inserting the user and
> password into the client table like so:
>
> $insert = "INSERT INTO client_table (protocol,tpwd) VALUES ('$protocol',
> AES_ENCRYPT('$tpwd','$salted'));
>
> This allowed me to decrypt the password when the inevitable happens and
> the testee loses his password. That gave me protection for the password,
> because administration of the tests involved will not require ssl -
> being nothing more than a tansfer of raw item responses.
>
> >From what I can see, AES_ENCRYPT seems to be closely hitched to MySQL.
> Can I not avail myself of this function in PostgreSQL?
>
> George
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: don't forget to increase your free space map settings
>

Check out pg_crypto, in contrib. There's probably a contrib package
for whatever platform you're on.

- Josh/eggyknap

In response to

pgsql-novice by date

Next:From: Tom LaneDate: 2007-11-08 15:28:36
Subject: Re: Trigger function syntax
Previous:From: Nico CallewaertDate: 2007-11-08 08:48:15
Subject: Trigger function syntax

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group