
All Questions

4 votes, 1 answer, 1k views

Is using `crypt` in PostgreSQL for password comparison secure against timing attacks?

I'm currently using PostgreSQL with the pgcrypto extension to store and verify user passwords. When a user logs in, I compare the entered password with the stored hash using the following query: ...
cstff

25 votes, 6 answers, 9k views

Is a sha256 hash of a unix timestamp a strong password

I am setting up a postgres db that will never be used by humans. In fact, I really don't need to know it myself ever. I assumed that just using a 256-bit (64 alphanumeric chars) hash of a unix timestamp ...
ThisGuyCantEven

0 votes, 2 answers, 678 views

Do I transmit a plaintext password to my PostgreSQL server?

PostgreSQL supports multiple authentication methods, and I think it supports SSL and plaintext connections. How do I find out which authentication method a server uses? I do not have access to the ...
Sjoerd

3 votes, 1 answer, 410 views

Can I skip any password hashing for localhost authentication?

Setup: I have several services (Postfix, Apache (PHP)) that access a PostgreSQL database on a Debian Linux 10 system. Everyone is on the same host; they use the loopback interface (127.0.0.1) to ...
problemofficer - n.f. Monica

2 votes, 3 answers, 2k views

How strong should a database password be?

Seems like a trivial question, but I couldn't find other questions that address the following. So I'm simply asking, how strong would my (super user) database credentials ideally be? I simply figured ...
FLUSHER