The list of all the queries

Are the passwords hashed?

Query goal: Find base table columns that name refers to the possibility that these are used to register passwords. Return a value from each such column. Make sure that the password is not registered as open text.
Notes about the query: The test creates a user-defined function that should be dropped in the end (see the garbage collection). The query considers both column names in English and Estonian. The query returns (randomly) only one value. It could be that some values in the column are hashed and some are not.
Query type: General (Overview of some aspect of the database.)
Query license: MIT License
Data source: INFORMATION_SCHEMA+system catalog
SQL query: Click on query to copy it

CREATE OR REPLACE FUNCTION f_check_password() RETURNS TEXT AS $$
DECLARE
sql_stmt TEXT;
val TEXT ;
passwd_columns RECORD;
table_schema TEXT;
table_name TEXT;
column_name TEXT;
sample_value TEXT;
return_str TEXT:='';
BEGIN
RAISE NOTICE 'Checking whether password is open text';
FOR passwd_columns IN SELECT c.table_schema, c.table_name, c.column_name
FROM INFORMATION_SCHEMA.columns AS c INNER JOIN INFORMATION_SCHEMA.tables AS t USING
(table_schema, table_name) WHERE c.data_type IN ('character', 'character varying', 'text') AND
t.table_type='BASE TABLE' AND c.table_schema NOT IN (SELECT schema_name
FROM INFORMATION_SCHEMA.schemata
WHERE schema_name<>'public' AND
schema_owner='postgres' AND schema_name IS NOT NULL)  AND
c.column_name~*'(parool|salasona|passw*|pwd)'
ORDER BY c.table_schema, c.table_name LOOP
table_schema:= passwd_columns.table_schema;
table_name:= passwd_columns.table_name;
column_name:= passwd_columns.column_name;
sql_stmt:='SELECT ' || quote_ident(column_name) || ' AS c FROM ' || quote_ident(table_schema) ||'.' || quote_ident(table_name) || ' LIMIT 1';
EXECUTE sql_stmt INTO sample_value;
return_str:=return_str || ' ' || quote_ident(table_schema) || '.' ||  quote_ident(table_name) || '.' || quote_ident(column_name) || '=' || sample_value;
END LOOP;
RAISE NOTICE 'Detection completed';
RETURN return_str;
END;
$$ LANGUAGE plpgsql SECURITY DEFINER
SET search_path = information_schema, pg_temp;
SELECT f_check_password() AS sample_values;

DROP FUNCTION IF EXISTS f_check_password();

Collections where the query belongs to

Collection nameCollection description
Find problems by overviewQueries that results point to different aspects of database that might have problems. A human reviewer has to decide based on the results as to whether there are problems or not .

Categories where the query belongs to

Category nameCategory description
Data at the database logical levelQueries of this category provide information about data in base tables.
Result quality depends on namesQueries of this category use names (for instance, column names) to try to guess the meaning of a database object. Thus, the goodness of names determines the number of false positive and false negative results.
SecurityQueries of this category provide information about the security measures.

The list of all the queries