Re: Rejecting weak passwords
Andrew Dunstan <andrew@dunslane.net>
From: Andrew Dunstan <andrew@dunslane.net>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Dave Page <dpage@pgadmin.org>, Marko Kreen <markokr@gmail.com>, Albe Laurenz <laurenz.albe@wien.gv.at>, mlortiz <mlortiz@uci.cu>, Magnus Hagander <magnus@hagander.net>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2009-10-14T15:22:43Z
Lists: pgsql-hackers
Tom Lane wrote: > Dave Page <dpage@pgadmin.org> writes: > >> I would suggest that in addition to the proposed plugin, we add an >> suset GUC (defaulting to OFF) which rejects any use of WITH ENCRYPTED >> PASSWORD to ensure that the password complexity can be checked when >> roles are created or modified. >> > > That's going to stop us from being beat up? A GUC that forcibly > *weakens* security? I can't see it. > > If you're really intent on making that happen, you can have your > password checker plugin reject crypted passwords; we don't need > such a questionable rule in core. > > > And you could have the plugin do that depending on a custom GUC. cheers andrew