On Wed, May 6, 2020 at 5:26 PM Peter J. Holzer <hjp-pg...@hjp.at> wrote:
> On 2020-05-06 09:28:28 -0400, Stephen Frost wrote:
> > LDAP-based authentication in PG involves passing the user's password to
> > the database server in the clear (or tunneled through SSL, but that
> > doesn't help if the DB is compromised), so it's really not a good
> > solution.
>
> Still a lot better than PostgreSQL's md5 scheme, which stores
> password-equivalent hashes: If the database is compromised the attacker
> has all hashes immediately and can use them to log in. Intercepting
> encrypted traffic even at the endpoint is much harder and can only
> uncover passwords actually used.
>

If the database is compromised the attacker already has the data, though, so there's not as much need to log in anymore. But more to the point -- one should not use md5 in PostgreSQL these days, one should be using scram-sha-256, which does not have this problem (and has been around for a few years by now), if using local database logins.

--
Magnus Hagander
Me: https://www.hagander.net/
Work: https://www.redpill-linpro.com/
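To make the "password-equivalent hash" point concrete, here is an added worked example (not part of the thread, and not PostgreSQL's own code) that reproduces both verifier constructions as the wire protocol defines them. With the md5 scheme, the client's answer to an AuthenticationMD5Password challenge is derived only from the stored verifier and the server's 4-byte salt, so a dump of pg_authid is enough to log in. With SCRAM-SHA-256, the server stores StoredKey = SHA256(ClientKey) and the client must prove it holds ClientKey itself, which cannot be recovered from the verifier. The usernames, passwords, salts and AuthMessage below are constructed sample data; SASLprep normalization of the password is omitted because the samples are plain ASCII.

```python
"""md5 verifiers are password-equivalent, SCRAM-SHA-256 verifiers are not.

Added example, not from the mailing-list thread. Constructions follow the
PostgreSQL frontend/backend protocol; all sample values are made up.
"""
import base64
import hashlib
import hmac
import os


# ---------------- md5 scheme (password_encryption = md5) ----------------

def md5_verifier(username: str, password: str) -> str:
    """Stored in pg_authid.rolpassword: 'md5' + hex(md5(password || username))."""
    return "md5" + hashlib.md5((password + username).encode()).hexdigest()


def md5_auth_response(verifier: str, salt: bytes) -> str:
    """Client's reply to the md5 challenge: 'md5' + hex(md5(hexdigest || salt)).
    The only secret input is the verifier body, so whoever holds the verifier
    can answer the challenge without ever knowing the password."""
    inner = verifier[len("md5"):].encode() + salt
    return "md5" + hashlib.md5(inner).hexdigest()


def md5_server_check(verifier: str, salt: bytes, response: str) -> bool:
    return hmac.compare_digest(md5_auth_response(verifier, salt), response)


# ---------- SCRAM-SHA-256 (password_encryption = scram-sha-256) ----------

def _b64(b: bytes) -> str:
    return base64.b64encode(b).decode()


def scram_keys(password: str, salt: bytes, iterations: int):
    """RFC 5802 key derivation as used by PostgreSQL (SASLprep omitted)."""
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    return client_key, stored_key, server_key


def scram_verifier(password: str, salt: bytes, iterations: int = 4096) -> str:
    """pg_authid format: SCRAM-SHA-256$<iter>:<salt>$<StoredKey>:<ServerKey>."""
    _, stored_key, server_key = scram_keys(password, salt, iterations)
    return (f"SCRAM-SHA-256${iterations}:{_b64(salt)}"
            f"${_b64(stored_key)}:{_b64(server_key)}")


def parse_scram_verifier(verifier: str):
    scheme, rest = verifier.split("$", 1)
    if scheme != "SCRAM-SHA-256":
        raise ValueError("not a SCRAM-SHA-256 verifier")
    params, keys = rest.split("$")
    iterations, salt = params.split(":")
    stored_key, server_key = keys.split(":")
    return (int(iterations), base64.b64decode(salt),
            base64.b64decode(stored_key), base64.b64decode(server_key))


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def scram_client_proof(client_key: bytes, auth_message: bytes) -> bytes:
    """ClientProof = ClientKey XOR HMAC(StoredKey, AuthMessage)."""
    stored_key = hashlib.sha256(client_key).digest()
    signature = hmac.new(stored_key, auth_message, hashlib.sha256).digest()
    return _xor(client_key, signature)


def scram_server_check(verifier: str, auth_message: bytes, proof: bytes) -> bool:
    """Server recovers ClientKey from the proof and checks H(ClientKey) == StoredKey."""
    _, _, stored_key, _ = parse_scram_verifier(verifier)
    signature = hmac.new(stored_key, auth_message, hashlib.sha256).digest()
    recovered_client_key = _xor(proof, signature)
    return hmac.compare_digest(hashlib.sha256(recovered_client_key).digest(),
                               stored_key)


def demo():
    """Returns (md5_pass_the_hash_works, scram_legit_ok, scram_verifier_only_ok)."""
    user, password = "alice", "correct horse battery staple"   # constructed sample
    # An attacker holding only a pg_authid dump answers the md5 challenge.
    md5_v = md5_verifier(user, password)
    salt4 = os.urandom(4)                       # server-chosen challenge salt
    attacker_reply = md5_auth_response(md5_v, salt4)   # no password used
    md5_pth = md5_server_check(md5_v, salt4, attacker_reply)

    # The same attacker cannot produce a SCRAM proof from the verifier alone.
    scram_salt = os.urandom(16)
    scram_v = scram_verifier(password, scram_salt)
    auth_message = b"n=alice,r=cnonce,r=cnoncesnonce,s=...,i=4096,c=biws,r=cnoncesnonce"
    iterations, salt, stored_key, _ = parse_scram_verifier(scram_v)
    client_key, _, _ = scram_keys(password, salt, iterations)   # needs password
    legit_ok = scram_server_check(scram_v, auth_message,
                                  scram_client_proof(client_key, auth_message))
    # Best the attacker can do with the dump: treat StoredKey as if it were ClientKey.
    forged = scram_client_proof(stored_key, auth_message)
    verifier_only_ok = scram_server_check(scram_v, auth_message, forged)
    return md5_pth, legit_ok, verifier_only_ok


if __name__ == "__main__":
    print(demo())   # (True, True, False)
```

Two caveats the thread does not spell out. First, SCRAM only removes the pass-the-hash property; a dumped verifier can still be attacked offline by guessing, and the PBKDF2 iteration count is the only brake on that. Second, per RFC 5802, an attacker who holds both the verifier and a captured SCRAM exchange can recover ClientKey as ClientProof XOR HMAC(StoredKey, AuthMessage), so the verifier must still be protected; it is just no longer sufficient on its own.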