postgresql-interfaces/psqlodbc GitHub issues and pull requests (mirror)
help / color / mirror / Atom feedFrom: benjaminpochat (@benjaminpochat) <[email protected]>
To: postgresql-interfaces/psqlodbc <[email protected]>
Subject: [postgresql-interfaces/psqlodbc] issue #74: encryption of password
Date: Thu, 21 Nov 2024 07:27:20 +0000
Message-ID: <[email protected]> (raw)
When you click SAVE the password is stored as clear text in
HKEY_CURRENT_USER\Software\ODBC\ODBC.INI\postgres\Password
Would it be possible to store the password encrypted ?
In my company, the use of postgre odbc client is compromised because
passwords are stored as clear text in Windows registry.
Our use case consists in individual authentication to postgre databases,
thanks to ldap2pg tool, for BI purposes.
As a consequence, individual passwords are used in odbc clients.
Then, the fact that postgre odbc client stores these personnal passwords as clear
text is a real security issue.
PS. : This issue follows [this discussion on psql-odbc mailing list ](https://www.postgresql.org/message-id/CADK3HHJqiZWkftjjD%3De_w3XLY6ri-0nXFKR4JQfL_dhab%2B8mig%40mail...)
view thread (2+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: github://postgresql-interfaces/psqlodbc
Cc: [email protected], [email protected]
Subject: Re: [postgresql-interfaces/psqlodbc] issue #74: encryption of password
In-Reply-To: <<[email protected]>>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox