Re: Rejecting weak passwords

Bruce Momjian <bruce@momjian.us>

From: Bruce Momjian <bruce@momjian.us>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Albe Laurenz <laurenz.albe@wien.gv.at>, Robert Haas <robertmhaas@gmail.com>, Mark Mielke <mark@mark.mielke.cc>, Dave Page <dpage@pgadmin.org>, Kevin Grittner <Kevin.Grittner@wicourts.gov>, Andrew Dunstan <andrew@dunslane.net>, Marko Kreen <markokr@gmail.com>, Magnus Hagander <magnus@hagander.net>, Greg Stark <gsstark@mit.edu>, pgsql-hackers <pgsql-hackers@postgresql.org>, mlortiz <mlortiz@uci.cu>
Date: 2009-10-20T04:08:32Z
Lists: pgsql-hackers
Tom Lane wrote:
> "Albe Laurenz" <laurenz.albe@wien.gv.at> writes:
> > Bruce Momjian wrote:
> >> Password checks might include password complexity or non-reuse of
> >> passwords. This facility will require the client to send the password to
> >> the server in plain-text, so SSL and 'password' authentication is
> >> necessary to use this features.
> 
> > So in my opinion that should be:
> > This facility will require to send new and changed password to
> > the server in plain-text, so it will require SSL, and the use
> > of encrypted passwords in CREATE/ALTER ROLE will have to be
> > disabled.
> 
> Actually, not one word of *either* version should be in TODO.  All of
> that is speculation about policies that a particular add-on module
> might or might not choose to enforce.

Agreed, updated:

	|Allow server-side enforcement of password policies
	|Password checks might include password complexity or non-reuse of
	passwords.  This facility will require the client to send password
	creation/changes to the server in plain-text, not MD5.

-- 
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + If your life is a hard drive, Christ can be your backup. +