Re: How passwords can be crypted in postgres?

>  [...]
> Isn't this just as bad? If you store the encrypted password, that doesn't
> help you in the slightest in this case, because if you can breach the list
> of encrypted passwords, you still know what you need to send as the
> "password" from the front end to let you into the database.
>  [...]

If you encrypt the input from the frontend as well and compare the
encrypted strings it will not help you to look into the list of
encrypted passwords ... or am I wrong?

Regards, Jens Hartwig

=============================================
Jens Hartwig
---------------------------------------------
debis Systemhaus GEI mbH
10875 Berlin
Tel.     : +49 (0)30 2554-3282
Fax      : +49 (0)30 2554-3187
Mobil    : +49 (0)170 167-2648
E-Mail   : jhartwig@debis.com
=============================================