I need to implement an option to change passwords in my application, which authenticates using MD5. This application however operates over an unencrypted link, so it'll be a little bit of a challenge. I've come up with several possible implementations.

--------------------------------------------------------
Implementation I

1. A user selects "change password" option.
2. Ask a user for an old password, new password, new password confirmation.
3. Connect to a database (this would be a second connection) using provided old password.
4. Invoke "select change_password(new_password_hash)" where
   new_password_hash=PQencryptPassword(new_password, username)
   and change_password(text) is a volatile, security definer, owned by superuser, which will just do
   alter role session_user encrypted password $1;

This has two drawbacks:
- it needs another connection to a database, so I could not limit concurrent connections for a user to 1;
- it will be possible to use for example a left open psql session to change password of logged in user without knowledge of previous password.

--------------------------------------------------------
Implementation II

1. and 2. the same.
3. Invoke "select change_password(old_password_hash, new_password_hash)" where
   new_password_hash=PQencryptPassword(new_password, username)
   old_password_hash=PQencryptPassword(old_password, username)
   Again change_password(text) is a volatile, security definer, owned by superuser function, which checks if pg_authid.rolpassword=$1 where rolname=session_user and then
   alter role session_user encrypted password $2;

This time there is another problem - if anybody sniffs this connection during password changing then he will be able to use this new_password_hash to change password if he had a left open psql session.

--------------------------------------------------------
So do you have an idea how to securely change logged in user password over an unencrypted link?
Regards
Tometzky
-- 
....although Eating Honey was a very good thing to do, there was a moment just before you began to eat it which was better than when you were...
Winnie the Pooh

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match
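The change_password function sketched under Implementation II, written out as an added example; this is not code from the original post. It assumes PostgreSQL 8.2-era syntax, that the function is created by a superuser (pg_authid is readable only by superusers, which is why the poster needs SECURITY DEFINER), that stored hashes have the form 'md5' || md5(password || username) as produced by PQencryptPassword, and that an application group role named app_users exists (an assumed name). Beyond what the post describes, it also rejects a new_password_hash that is not already in md5 form, so a caller cannot accidentally pass a plaintext password that the server would then hash a second time.

```sql
-- Added example (not the original poster's code). Run as a superuser.
-- Assumes PostgreSQL 8.2 and an existing group role "app_users".
CREATE OR REPLACE FUNCTION change_password(old_password_hash text,
                                           new_password_hash text)
RETURNS boolean AS $$
DECLARE
    stored_hash text;
BEGIN
    -- Only accept hashes in the PQencryptPassword format; anything else
    -- would be re-hashed by ALTER ROLE and lock the user out.
    IF new_password_hash !~ '^md5[0-9a-f]{32}$' THEN
        RAISE EXCEPTION 'new password must be supplied as an md5 hash';
    END IF;

    -- session_user is the role that authenticated this connection; inside a
    -- SECURITY DEFINER function current_user would be the (superuser) owner.
    -- pg_catalog is qualified explicitly so a malicious search_path cannot
    -- substitute another relation named pg_authid.
    SELECT rolpassword INTO stored_hash
      FROM pg_catalog.pg_authid
     WHERE rolname = session_user;

    IF stored_hash IS NULL OR stored_hash <> old_password_hash THEN
        RAISE EXCEPTION 'old password does not match';
    END IF;

    -- ALTER ROLE needs literals, not parameters, so build the statement
    -- dynamically and quote both the role name and the hash.
    EXECUTE 'ALTER ROLE ' || quote_ident(session_user)
         || ' ENCRYPTED PASSWORD ' || quote_literal(new_password_hash);
    RETURN true;
END;
$$ LANGUAGE plpgsql VOLATILE SECURITY DEFINER;

-- New functions are executable by PUBLIC by default; restrict this one to
-- the application's roles, which may only ever change their own password.
REVOKE ALL ON FUNCTION change_password(text, text) FROM PUBLIC;
GRANT EXECUTE ON FUNCTION change_password(text, text) TO app_users;

-- Usage from the application, with both hashes computed client-side via
-- PQencryptPassword(password, username) as the post describes:
-- SELECT change_password('md5<old hash>', 'md5<new hash>');
```

The function closes the "no old password needed" gap and keeps the change inside the existing connection, but it does not address the poster's second concern: with MD5 authentication the hash itself is the credential the server compares, so a hash observed on an unencrypted link is as useful to an eavesdropper as the password, and the comparison in the function cannot change that. Protecting the link (PostgreSQL supports SSL connections) is what keeps the hash out of a sniffer's hands.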
On Tue, 19 Dec 2006, Tomasz Ostrowski wrote:
> - it will be possible to use for example a left open psql session to
> change password of logged in user without knowledge of previous
> password.

Forget it - I just found on http://www.postgresql.org/docs/8.2/s...alterrole.html
"Ordinary roles can only change their own password."

I thought I tried to do this and failed so I assumed otherwise, but I must have made an error while testing.

Regards
Tometzky
-- 
....although Eating Honey was a very good thing to do, there was a moment just before you began to eat it which was better than when you were...
Winnie the Pooh