Re: Maximum password length
Stephen Frost <sfrost@snowman.net>
From: Stephen Frost <sfrost@snowman.net>
To: "Bossart, Nathan" <bossartn@amazon.com>
Cc: Isaac Morland <isaac.morland@gmail.com>, PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2018-10-12T21:23:38Z
Lists: pgsql-hackers
Greetings, * Bossart, Nathan (bossartn@amazon.com) wrote: > On 10/12/18, 4:04 PM, "Isaac Morland" <isaac.morland@gmail.com> wrote: > > I agree there should be a specific limit that is the same in libpq, > > on the server, and in the protocol. Maybe 128 characters, to get a > > nice round number? This is still way longer than the 32-byte SHA 256 > > hash. Or 64, which is still plenty but doesn't involve extending the > > current character buffer size to a longer value while still hugely > > exceeding the amount of information in the hash. > > My main motivation for suggesting the increase to 8k is to provide > flexibility for alternative authentication methods like LDAP, RADIUS, > PAM, and BSD. Specific use-cases here would be better than hand-waving at "these other things." Last I checked, all of those work with what we've got today and I don't recall hearing complaints about them not working due to this limit. Thanks! Stephen
Commits
-
Remove arbitrary restrictions on password length.
- 67a472d71c98 14.0 landed
-
Remove support for password_encryption='off' / 'plain'.
- eb61136dc75a 10.0 cited