* Tom Lane (t...@sss.pgh.pa.us) wrote: > Bruce Momjian <br...@momjian.us> writes: > > Let me update my list of possible improvements: > > > 1) MD5 makes users feel uneasy (though our usage is mostly safe) > > > 2) The per-session salt sent to the client is only 32-bits, meaning > > that it is possible to reply an observed MD5 hash in ~16k connection > > attempts. > > > 3) Using the user name for the MD5 storage salt allows the MD5 stored > > hash to be used on a different cluster if the user used the same > > password. > > > 4) Using the user name for the MD5 storage salt allows the MD5 stored > > hash to be used on the _same_ cluster. > > > 5) Using the user name for the MD5 storage salt causes the renaming of > > a user to break the stored password. > > What happened to "possession of the contents of pg_authid is sufficient > to log in"? I thought fixing that was one of the objectives here.
Yes, it certainly was. I think Bruce was thinking that we could simply
hash what goes on to disk with an additional salt that's stored, but
that wouldn't actually work without requiring a change to the wireline
protocol, which is the basis of this entire line of discussion, in my
view.
Thanks!
Stephen
signature.asc
Description: Digital signature
