Salt And Hash A Password With pgcrypto
The pgcrypto
extension that ships with PostgreSQL can be used to do a number of interesting things. This includes functions for doing salted password hashing. Using the crypt
and gen_salt
functions, we can securely store a user password and later compare it to plain-text passwords for authentication purposes.
The salt value is generated using the blowfish encryption algorithm (hence, the 'bf'
). There is support for other algorithms such as md5
.
See the pgcrypt
documentation for more details.
Last updated