Cryptographic functions for PostgreSQL
The pgcrypto extension provides cryptographic functions for PostgreSQL, including hashing, encryption, and random data generation.
Your Nile database arrives with the pgcrypto extension already enabled.
The crypt() function is recommended for password hashing:
password_hash = public.crypt(password, public.gen_salt('bf', 8))
❌ Don’t store plain MD5 (unsafe!):
password_hash = public.md5(password)
encrypted_data = public.encrypt(data, current_setting('app.encryption_key'), 'aes')
❌ Don’t store keys in the database
❌ Don’t hardcode keys in application code
SELECT public.gen_salt('bf', 8);
❌ Don’t reuse salts
❌ Don’t use static salts
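The password-hashing and salt guidance above, put together as an added example (not code from the original page): it stores two passwords with crypt() and a fresh gen_salt('bf', 8) per row, then verifies a login attempt by passing the stored hash back to crypt() as the salt argument. The app_users table, its columns, and the sample emails and passwords are hypothetical and constructed for illustration.

```sql
-- Assumes pgcrypto is installed in the public schema, as the page states for Nile.
-- On stock PostgreSQL, run CREATE EXTENSION pgcrypto first.

-- Hypothetical table for the example; a temp table keeps it self-contained.
CREATE TEMP TABLE app_users (
    email         text PRIMARY KEY,
    password_hash text NOT NULL
);

-- Registration: gen_salt() is evaluated once per row, so every stored hash
-- carries its own random salt. Nothing is reused and nothing is static.
INSERT INTO app_users (email, password_hash) VALUES
    ('alice@example.com', public.crypt('correct horse battery', public.gen_salt('bf', 8))),
    ('bob@example.com',   public.crypt('correct horse battery', public.gen_salt('bf', 8)));

-- Both users chose the same password. Counting distinct hashes shows whether
-- the per-row salts made the stored values differ.
SELECT count(DISTINCT password_hash) AS distinct_hashes
FROM app_users;

-- Login check: pass the stored hash as the second argument. crypt() reads the
-- algorithm, cost and salt out of it and recomputes the hash for the candidate
-- password; equality with the stored value means the password matches.
SELECT email,
       password_hash = public.crypt('correct horse battery', password_hash) AS right_password,
       password_hash = public.crypt('wrong guess', password_hash)           AS wrong_password
FROM app_users;
```

Because the salt and cost are embedded in the stored hash, no separate salt column is needed, and the application never has to handle the salt itself.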