Re: Rejecting weak passwords

Peter Eisentraut <peter_e@gmx.net>

From: Peter Eisentraut <peter_e@gmx.net>
To: Robert Haas <robertmhaas@gmail.com>
Cc: Mark Mielke <mark@mark.mielke.cc>, Dave Page <dpage@pgadmin.org>, Kevin Grittner <Kevin.Grittner@wicourts.gov>, Tom Lane <tgl@sss.pgh.pa.us>, Andrew Dunstan <andrew@dunslane.net>, Marko Kreen <markokr@gmail.com>, Magnus Hagander <magnus@hagander.net>, Greg Stark <gsstark@mit.edu>, Bruce Momjian <bruce@momjian.us>, pgsql-hackers <pgsql-hackers@postgresql.org>, mlortiz <mlortiz@uci.cu>, Albe Laurenz <laurenz.albe@wien.gv.at>
Date: 2009-10-19T11:34:55Z
Lists: pgsql-hackers
On Thu, 2009-10-15 at 13:19 -0400, Robert Haas wrote:
> But I don't understand why everyone is
> so worked up about having an *optional* *flag* to force plaintext
> instead of MD5.

It would be pretty bad usability.  Users would be faced with the choice:
you can have secure authentication or good passwords, but not both.
(For some values of "secure" and "good".)  I think most people would
want both.