> Yes, really, it's a known-broken system which suffers from such an old > and well known attack that it's been given a name: pass-the-hash. As > was discussed on this thread even, just the fact that it's not trivial > to break on the wire doesn't make it not-broken, particularly when we > use the username (which is rather commonly the same one used across > multiple systems..) as the salt. Worse, md5 isn't exactly the pinnacle
I am not a big fan of md5 auth but saying that md5 auth uses username as the salt is oversimplified. The md5 hashed password shored in pg_shadow is created as md5(password + username). But the md5 hashed password flying over wire is using a random salt like md5(md5(password + username) + random_salt). Best reagards, -- Tatsuo Ishii SRA OSS, Inc. Japan English: http://www.sraoss.co.jp/index_en.php Japanese:http://www.sraoss.co.jp
