Re: Rejecting weak passwords

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Dave Page <dpage@pgadmin.org>
Cc: Marko Kreen <markokr@gmail.com>, Albe Laurenz <laurenz.albe@wien.gv.at>, Andrew Dunstan <andrew@dunslane.net>, mlortiz <mlortiz@uci.cu>, Magnus Hagander <magnus@hagander.net>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2009-10-14T15:11:55Z
Lists: pgsql-hackers
Dave Page <dpage@pgadmin.org> writes:
> I would suggest that in addition to the proposed plugin, we add an
> suset GUC (defaulting to OFF) which rejects any use of WITH ENCRYPTED
> PASSWORD to ensure that the password complexity can be checked when
> roles are created or modified.

That's going to stop us from being beat up?  A GUC that forcibly
*weakens* security?  I can't see it.

If you're really intent on making that happen, you can have your
password checker plugin reject crypted passwords; we don't need
such a questionable rule in core.

			regards, tom lane