On Tue, Feb 10, 2015 at 10:19 PM, Peter Geoghegan <p...@heroku.com> wrote: > On Tue, Feb 10, 2015 at 5:14 PM, Arthur Silva <arthur...@gmail.com> wrote: >> I don't think the "password storing best practices" apply to db connection >> authentication. > > Why not?
Usually because handshakes use a random salt on both sides. Not sure about pg's though, but in general collision strength is required but not slowness, they're not bruteforceable. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
