Quick Links

User password encryption using a stronger hashing function?

From:	"Liu, Jianli (Jianli)" <jlliu(at)avaya(dot)com>
To:	"pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org>
Subject:	User password encryption using a stronger hashing function?
Date:	2011-12-15 22:53:17
Message-ID:	47AB18AC0F23934383F2BBA7EE3D8D742281BB698C@DC-US1MBEX4.global.avaya.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-admin

By default, postgresql encrypts user passwords using the MD5 hashing function. They can be seen as "md5....." in the rolpassword column of the pg_authid table. Is there a mechanism that allows us to change this default behavior such that postgresql can encrypt the passwords stored in the pg_authid table using a stronger hashing function such as SHA1?

Postgresql conf file has a property "ssl_ciphers" in which you can specify a list of ciphers. But they are only used on ssl connections and have no impact on the ciphers used in user password encryption. Is this correct?

Responses

Re: User password encryption using a stronger hashing function? at 2011-12-20 17:32:52 from Liu, Jianli (Jianli)

Browse pgsql-admin by date

	From	Date	Subject
Next Message	Rural Hunter	2011-12-16 00:55:33	Re: Issues with log-shipping replication
Previous Message	Khusro Jaleel	2011-12-15 18:02:03	Issues with log-shipping replication