Re: Maximum password length
Nathan Bossart <bossartn@amazon.com>
From: "Bossart, Nathan" <bossartn@amazon.com>
To: Stephen Frost <sfrost@snowman.net>
Cc: Isaac Morland <isaac.morland@gmail.com>,
PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2018-10-12T23:02:54Z
Lists: pgsql-hackers
On 10/12/18, 4:24 PM, "Stephen Frost" <sfrost@snowman.net> wrote: > * Bossart, Nathan (bossartn@amazon.com) wrote: >> My main motivation for suggesting the increase to 8k is to provide >> flexibility for alternative authentication methods like LDAP, RADIUS, >> PAM, and BSD. > > Specific use-cases here would be better than hand-waving at "these other > things." Last I checked, all of those work with what we've got today > and I don't recall hearing complaints about them not working due to this > limit. The main one I am thinking of is generated security tokens. It seems reasonable to me to limit md5 and scram-sha-256 passwords to a much shorter length, but I think the actual server message limit should be somewhat more flexible. Nathan
Commits
-
Remove arbitrary restrictions on password length.
- 67a472d71c98 14.0 landed
-
Remove support for password_encryption='off' / 'plain'.
- eb61136dc75a 10.0 cited