Re: Rejecting weak passwords
Andrew Dunstan <andrew@dunslane.net>
From: Andrew Dunstan <andrew@dunslane.net>
To: Albe Laurenz <laurenz.albe@wien.gv.at>
Cc: pgsql-hackers@postgresql.org
Date: 2009-09-28T11:35:03Z
Lists: pgsql-hackers
Albe Laurenz wrote: > Dear hackers, > > I have been thinking about ways to have PostgreSQL reject > weak passwords. > > I think the standard recommendation is "use PAM and LDAP", > but that requires the user to change the password outside > of PostgreSQL. And who would want to setup and maintain an > LDAP server just for this? > > Since everybody has different ideas what is a good password, > there should be some way to configure that. I've looked at > how Oracle does it, and they simply let you write a > stored procedure that throws an exception if it doesn't > like the password. > Since users are on cluster level and functions live in > databases, that won't work in PostgreSQL. > > I have come up with an idea or two and like to hear your > opinion. > > 1) One could have a set of GUCs like min_password_length, > min_password_nonchars and similar that everybody > could configure. This is not extremely flexible though. > 2) Another idea would be a GUC that contains a regular > expression that a password may *not* match. > Perhaps that's too limiting too. > 3) I have also considered a GUC that points to a loadable > module that performs the password check if set. > > > My vote is for #3, if anything. cheers andrew