Re: [GENERAL] SHA1 on postgres 8.3
| От | Heikki Linnakangas |
|---|---|
| Тема | Re: [GENERAL] SHA1 on postgres 8.3 |
| Дата | |
| Msg-id | 47F5482B.7000400@enterprisedb.com обсуждение исходный текст |
| Ответ на | Re: [GENERAL] SHA1 on postgres 8.3 (Mark Mielke <mark@mark.mielke.cc>) |
| Ответы |
Re: [GENERAL] SHA1 on postgres 8.3
|
| Список | pgsql-hackers |
Mark Mielke wrote: > In any case, this is all irrelevant, because md5 passwords are still > very useful, and the argument that "more = better" is a never ending > infinite resource trap. More is not better. Better is better. If you can > prove md5 is insufficient for PostgreSQL passwords, the correct decision > would be to switch to something better, and deprecate md5 from the core. Agreed. One must also remember that if you use two hashes, if *either* one of them is broken in the future so that you can reconstruct the password from the hash, you're screwed. -- Heikki Linnakangas EnterpriseDB http://www.enterprisedb.com
В списке pgsql-hackers по дате отправления: