Re: Passwords

On Sat, 6 May 2000, Bruce Momjian wrote:

> Added to TODO:
> 
>     * Encrpyt passwords in pg_shadow table using MD5

Under FreeBSD, if you use crypt() for encrypting, and you are outside of
the 'export restricted area', you auto-get MD5 vs DES ... I think if DES
is available, it should be used over MD5, if we're doing this for security
reasons ...

My *understanding* is that MD5 is a half-way measure that is easier to
break then DES, which is why it isn't under the export restrictions ...


Marc G. Fournier                   ICQ#7615664               IRC Nick: Scrappy
Systems Administrator @ hub.org 
primary: scrappy@hub.org           secondary: scrappy@{freebsd|postgresql}.org