Re: Rejecting weak passwords

Peter Eisentraut <peter_e@gmx.net>

From: Peter Eisentraut <peter_e@gmx.net>
To: Albe Laurenz <laurenz.albe@wien.gv.at>
Cc: Bruce Momjian *EXTERN* <bruce@momjian.us>, Tom Lane <tgl@sss.pgh.pa.us>, Robert Haas <robertmhaas@gmail.com>, Mark Mielke <mark@mark.mielke.cc>, Dave Page <dpage@pgadmin.org>, Kevin Grittner <Kevin.Grittner@wicourts.gov>, Andrew Dunstan <andrew@dunslane.net>, Marko Kreen <markokr@gmail.com>, Magnus Hagander <magnus@hagander.net>, Greg Stark <gsstark@mit.edu>, pgsql-hackers <pgsql-hackers@postgresql.org>, mlortiz <mlortiz@uci.cu>
Date: 2009-10-19T16:08:08Z
Lists: pgsql-hackers
On Mon, 2009-10-19 at 14:54 +0200, Albe Laurenz wrote:
> Peter Eisentraut wrote:
> > Note that this solution will still not satisfy the original checkbox
> > requirement.
> 
> I guess I misunderstood something there, but I had assumed that the
> checkbox item read something like: "Does the product offer password
> policy enforcement?" (to quote Dave Page).

The answer to that is currently "Yes, with external tools".  Using the
plugin approach, the answer will remain "Yes, with external tools".  So
we wouldn't gain much.