Re: Rejecting weak passwords
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: "Kevin Grittner" <Kevin.Grittner@wicourts.gov>
Cc: "Dave Page" <dpage@pgadmin.org>, "Andrew Dunstan" <andrew@dunslane.net>, "Marko Kreen" <markokr@gmail.com>, "Magnus Hagander" <magnus@hagander.net>, "Greg Stark" <gsstark@mit.edu>, "Bruce Momjian" <bruce@momjian.us>, "pgsql-hackers" <pgsql-hackers@postgresql.org>, "mlortiz" <mlortiz@uci.cu>, "Albe Laurenz" <laurenz.albe@wien.gv.at>
Date: 2009-10-14T21:17:53Z
Lists: pgsql-hackers
"Kevin Grittner" <Kevin.Grittner@wicourts.gov> writes: > And, perhaps slightly off topic: if the login password is sent over a > non-encrypted stream, md5sum or not, can't someone use it to log in if > they're generating their own stream to connect? Not if they only capture a login exchange --- the password is doubly encrypted during that. If they see the md5'd password in a CREATE USER command, then yeah, they could pass a subsequent md5 challenge, using suitably modified client software that doesn't try to re-encrypt the given password. But the main point is to hide the cleartext password, in any case. regards, tom lane