Re: Storing sensitive data
От | Kevin Crenshaw |
---|---|
Тема | Re: Storing sensitive data |
Дата | |
Msg-id | 20060309191317.3D4899DC97E@postgresql.org обсуждение исходный текст |
Ответ на | Re: Storing sensitive data ("Neil Saunders" <n.j.saunders@gmail.com>) |
Список | pgsql-novice |
Neil, Thanks for your help! That's exactly what I was looking for. Kevin -----Original Message----- From: Neil Saunders [mailto:n.j.saunders@gmail.com] Sent: Thursday, March 09, 2006 8:31 AM To: Kevin Crenshaw Cc: pgsql-novice@postgresql.org Subject: Re: [NOVICE] Storing sensitive data The usual way of doing this is by not storing the password, but instead an MD5 representation of the password: INSERT INTO users (username, password) VALUES ('kevin', MD5('mypassword')) SELECT * FROM users WHERE username='kevin' AND password=MD5('mypassword'); This does mean that you won't know what your users passwords are, and that a user can't be reminded of their password, only have it changed, but these are usually un-important side effects. Hope this helps, Neil. On 3/9/06, Kevin Crenshaw <kcrenshaw@viscient.com> wrote: > > > > I have a table that stores usernames and passwords and I want to encrypt the > passwords before they are stored in the database. Will postgresql do this > for me, or do I have to do the encryption on the client side? Could you > please point me to some instructions on how to accomplish this. > > > > Thanks for your help, > > > > kevin > >
В списке pgsql-novice по дате отправления: