Re: Is md5 really more secure than crypt?

"Glen Parker" <glenebob@nwlink.com> writes:
> This means that the only way a password can be compromized is to see the
> password hash in pg_shadow, and the only thing it can be used for is
> logging into postgres throught playback.  No plain-text password can be
> obtained.

Good point.  If you can read the pg_shadow password entries, then you
are already superuser w.r.t. Postgres, so what need have you to break
into any other database user identities?

I think the concern that was originally advanced about all this was
that the database admin should not be able to read the clear-text
passwords of his users, because far too many people use the same
password for different purposes, and so a DBA might learn how to
get into accounts he shouldn't have access to.  The MD5 scheme does
fix that problem (unless the other account chances to use the very
same MD5 hash scheme we do, which seems unlikely).

Still, we had a *long* discussion about the design of the MD5 password
scheme about a year ago, and I thought we'd come up with a design that
was proof against this sort of attack.  Need to go back and consult
the list archives...

            regards, tom lane