Sam Mason wrote:
On Thu, Apr 03, 2008 at 07:07:56PM +0200, Svenne Krap wrote:
ID serial
Username varchar
Password_md5 varchar
Password_sha1 varchar
...
Why not just use SHA-512, you get many more quality bits that way.
Or if he just wanted to use builtin tools and reduce accidental
collisions almost exactly the same much as he propopses, he could use
password_md5_with_salt_xxx varchar
password_md5_with_salt_yyy varchar
but I also can't see the point. Won't he have more
collisions from cosmic rays turning the results of his comparisons
from false to true anyway?
I would drop md5 totally and use sha1 and ripemd-160 if possible.. but
currently i use only md5 as it is the only available one.. Loading
pgcrypto is overkill for something as simple as hash-functions.
Sounds like a good reason for moving the current md5 function out into
pgcrypto as well! :)
I'd rephrase it as saying "a good reason for making it less
intimidating to install modules". +1 to all the approaches
that make this less scary.
For Perl Digest-SHA1's in CPAN http://search.cpan.org/dist/Digest-SHA1/
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
