Hi,

I originally meant  that the password inputbox shows the password like "mypassword" and not like "**********"

regards, Tom

---------------------- Weitergeleitet von Tom Zschockelt/Penig/Flender on 18.11.2003 09:09 ---------------------------

Gesendet von:        [EMAIL PROTECTED]

An:        "Christopher Kings-Lynne" <[EMAIL PROTECTED]>
Kopie:        "Andreas Pflug" <[EMAIL PROTECTED]>, "Michiel Lange" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
Thema:        Re: [pgadmin-support] bug in pgadmin III

 

> -----Original Message-----
> From: Christopher Kings-Lynne [mailto:[EMAIL PROTECTED]
> Sent: 18 November 2003 01:19
> To: Dave Page
> Cc: Andreas Pflug; Michiel Lange; [EMAIL PROTECTED]
> Subject: Re: [pgadmin-support] bug in pgadmin III
>
>
> >>If you know how to encrypt the password, we certainly could
> supply the
> >>option to enter it that way...
> >
> >
> > It's just an md5 hash prefixed with 'md5' isn't it?
>
> ???
>
> Don't you just go ALTER USER blah ENCRYPTED PASSWORD 'asdf';
>
> And postgres itself will encrypt it for you.

Yeah, but the idea is to encrypt client-side to prevent sending
passwords over the wire in cleartext. The can be loaded from a dump
pre-hashed, so why can't we set them that way for a little extra
security?

> Your SQL view should show whatever PostgreSQL's pg_dump shows I think.

Agreed. Normally, I would hope that is a hash...

Regards, Dave

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
   (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])

Reply via email to