Re: password management
| От | Christophe Dore |
|---|---|
| Тема | Re: password management |
| Дата | |
| Msg-id | 30B673D7B5844B4394E188D9FFAEF0990167FE10@mx01.corp.castsoftware.com обсуждение исходный текст |
| Ответ на | password management (akp geek <akpgeek@gmail.com>) |
| Список | pgsql-general |
Hi
IMHO, you should never store password in clear
If you store the last 5 crypted passwords, then you can make it comparing the new password, crypted, to those 5 strings.
Regards
--
Christophe Doré
Implementation Product Manager
3 rue Marcel Allegot
92190 Meudon, France
+33 1 46 90 21 00 office
+33 6 1379 2910 mobile
CAST, Leader in Automated Application Intelligence
Achieve Insight. Deliver Excellence.
www.castsoftware.com | Gain visibility into application quality to proactively manage risk and improve team performance.
From: akp geek [mailto:akpgeek@gmail.com]
Sent: jeudi 6 mai 2010 20:31
To: pgsql-general
Subject: password management
Dear all -
I am writing function to handle the passwords. Currently the crypt is being used to store the password in the database. what I need to do is, when the user wants to change the password, I need to check if that password is not being used before up to 5 times, If not then then records should be inserted to the database.
The problem where i am running into, when I capture the password that user entered, I can't compare to the one in database , because each time the function crypt gives different one. Is there any way that I can achieve this?
Appreciate your help
Regards
В списке pgsql-general по дате отправления: