On Fri, 24 May 2002 12:45:00 +0530
"Arindam Haldar" <arindamhaldar@hotpop.com> wrote:
> hi,
> i want to authenticate web users from postgrsql for which i created a
> table having,among others, username & password... is there any data
> types where password can be stored encrypted ?.. at present am vsing
> varchar(16) but i c one (administrator) can read the password. i didnt
> find any data type specifying encrypted type !...
Use contrib/pgcrypto, store the hashed version of the password (say,
using SHA1). When you want to check if the correct password is used,
hash the string the user entered and compare it to the stored version.
Cheers,
Neil
--
Neil Conway <neilconway@rogers.com>
PGP Key ID: DB3C29FC