5 <indexterm zone="chkpass">
6 <primary>chkpass</primary>
10 chkpass is a password type that is automatically checked and converted upon
11 entry. It is stored encrypted. To compare, simply compare against a clear
12 text password and the comparison function will encrypt it before comparing.
13 It also returns an error if the code determines that the password is easily
14 crackable. This is currently a stub that does nothing.
18 Note that the chkpass data type is not indexable.
20 I haven't worried about making this type indexable. I doubt that anyone
21 would ever need to sort a file in order of encrypted password.
26 If you precede the string with a colon, the encryption and checking are
27 skipped so that you can enter existing passwords into the field.
31 On output, a colon is prepended. This makes it possible to dump and reload
32 passwords without re-encrypting them. If you want the password (encrypted)
33 without the colon then use the raw() function. This allows you to use the
34 type with things like Apache's Auth_PostgreSQL module.
38 The encryption uses the standard Unix function crypt(), and so it suffers
39 from all the usual limitations of that function; notably that only the
40 first eight characters of a password are considered.
44 Here is some sample usage:
48 test=# create table test (p chkpass);
50 test=# insert into test values ('hello');
52 test=# select * from test;
58 test=# select raw(p) from test;
64 test=# select p = 'hello' from test;
70 test=# select p = 'goodbye' from test;
80 D'Arcy J.M. Cain <email>darcy@druid.net</email>