[prev in list] [next in list] [prev in thread] [next in thread] 

List:       postgresql-sql
Subject:    Re: [SQL] hi i need to encrypt one field in a table
From:       Mario Splivalo <mario.splivalo () mobart ! hr>
Date:       2006-05-30 15:09:54
Message-ID: 1149001795.18422.35.camel () localhost ! localdomain
[Download RAW message or body]

On Tue, 2006-05-30 at 15:42 +0530, Penchalaiah P. wrote:
> Hello,
> I want to create a table with an encrypted field for a password entry, so
> that you can see only ********.
> And can I encrypt fields which datatype is an integer or a timestamp?

No can do. I mean, you can't do something like that. You can either give
(actually, revoke) that particular user/role permisions to read the
table with the passwords, or you could store hashed values to the
database. 

Later is prefered, I'd say. You could use md5() function to create
hashes, store those in the database, and when checking for the
credentials compare the hases. You'd compare user input flushed trough
md5() function with the hash you have in the database. That way you
don't know what user passwords are, and you could only set a new
password if user forgets his/hers password.

You don't need encrypted passwords. 

	Mario
-- 
Mario Splivalo
Mob-Art
mario.splivalo@mobart.hr

"I can do it quick, I can do it cheap, I can do it well. Pick any two."



---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
       subscribe-nomail command to majordomo@postgresql.org so that your
       message can get through to the mailing list cleanly
[prev in list] [next in list] [prev in thread] [next in thread]