Professional Documents
Culture Documents
SHARE THIS
BLOG MUST READ COMMUNITY PROGRAMMING REMOTE WORKING GROWTH JOIN X-TEAM
CODE
Lucky for us, the pgcrypto module in PostgreSQL makes it very easy to follow these
rules. Let us take a look at an example.
https://x-team.com/blog/storing-secure-passwords-with-postgresql/ 1/4
4/20/2021 Storing Passwords Securely With PostgreSQL and Pgcrypto
When creating a new user, we can use the crypt function to encrypt the password.
We should always use the gen_salt function, to let PostgreSQL generate a random salt
for us. I prefer using the blowfish algorithm ( bf ) with gen_salt , but here is a list of the
algorithms you can use:
To authenticate a user, we use crypt again, but this time we pass these arguments:
If the password matches, crypt will return the same value as the one we already have in
the database.
SELECT id
FROM users
WHERE email = 'johndoe@mail.com'
AND password = crypt('johnspassword', password);
id
----
1
(1 row)
SELECT id
FROM users
https://x-team.com/blog/storing-secure-passwords-with-postgresql/ 2/4
4/20/2021 Storing Passwords Securely With PostgreSQL and Pgcrypto
id
----
(0 rows)
ALEXIS HEVIA
Read More
X-TEAM WEEKLY
Our curated newsletter across programming, productivity, and inspiration.
Keep up to date with the X-Team culture.
CODE
MORE STORIES
10 BEST OPEN-SOURCE JAVA TOOLS FOR
DEVELOPERS IN 2021
SEE ALL
5 MIN READ
CODE
A Gatsby theme isn't what it sounds like. Here's how you can create a basic Gatsby theme for a blog, how to configure your dev
environment, and how you can use your theme in existing Gatsby projects.
https://x-team.com/blog/storing-secure-passwords-with-postgresql/ 3/4
4/20/2021 Storing Passwords Securely With PostgreSQL and Pgcrypto
SHARE THIS
11 MIN READ
CONNECT
https://x-team.com/blog/storing-secure-passwords-with-postgresql/ 4/4