Re: decrypted pwd

On Sat, 6 Sep 2003, Don V. Soledad wrote:

> good day!
>
> is there a way to retrieve a user's decrypted password, just like when i
> issued a "SELECT * FROM pg_shadow;" in the earlier version of postgresql?

Sure, here's the simple method:

1:  Generate a list of all possible passwords.
2:  Generate an md5 sig for each one.
3:  Compare your infinite number of md5 sigs to the one stored for the
user.  When they match, you've got the original password, or at least a
password that will work just like the original.

I think the total computer time required to do this is something on the
order of a few thousand years, so it might take a rather large farm of
machines in a cluster to do this.