Tino Wildenhain <[EMAIL PROTECTED]> writes: > PS: the hash would suit better when used in a challenge authorization, > meaning the server sends a random key, let the client > hash(random_key || md5( cleartext_password || username ) ) > and compare it on server with > hash(random_key || stored_password)
Hm? That is exactly what we're doing.
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 8: explain analyze is your friend
