| From: | Michael Fuhr <mike(at)fuhr(dot)org> |
|---|---|
| To: | truthhurts(at)insightbb(dot)com |
| Cc: | pgsql-novice(at)postgresql(dot)org |
| Subject: | Re: MD5 Function |
| Date: | 2005-10-23 01:47:45 |
| Message-ID: | 20051023014745.GA76290@winnie.fuhr.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
On Sat, Oct 22, 2005 at 11:40:40PM +0000, truthhurts(at)insightbb(dot)com wrote:
> Hi, I am trying to verify the return size that MD5 function returns. I dont see
> any details mentioned about this in the docs.
>
> Basically i am planning on storing passwords as md5(password) and want to know
> if i can just declare the password field to be something like VARCHAR(32) or
> even CHAR(32) if it's guaranteed that it will never be longer/shorter than 32
> chars.
RFC 1321 "The MD5 Message-Digest Algorithm" says that the algorithm's
output is 128 bits (16 octets, 32 hex digits), so if you ever see a
different length then I should think that's a bug.
Consider perturbing the input instead of using just the password
so identical passwords have different digests.
> Perhaps this is not that big of a deal and i could as easily just declare it as
> VARCHAR/TEXT without the size constraint. I just want to know what is best
> storage and performance wise?
For discussion of storage and performance characteristics, see "What
is the difference between the various character types?" in the FAQ
and "Character Types" in the documentation:
http://www.postgresql.org/docs/faqs.FAQ.html#4.10
http://www.postgresql.org/docs/8.0/interactive/datatype-character.html
--
Michael Fuhr
| From | Date | Subject | |
|---|---|---|---|
| Next Message | operationsengineer1 | 2005-10-23 05:01:22 | Re: WinXP Install - Account Password Information |
| Previous Message | me | 2005-10-23 01:04:13 | Re: WinXP Install - Account Password Information |