Re: Rejecting weak passwords
Albe Laurenz <laurenz.albe@wien.gv.at>
From: "Albe Laurenz" <laurenz.albe@wien.gv.at>
To: "Andrew Dunstan *EXTERN*" <andrew@dunslane.net>, "Dave Page" <dpage@pgadmin.org>
Cc: "pgsql-hackers" <pgsql-hackers@postgresql.org>
Date: 2009-10-01T13:26:59Z
Lists: pgsql-hackers
Andrew Dunstan wrote: >>> So here's the patch. >>> I don't think there is documentation required; >>> correct me if I am wrong. >> >> How will people know how to use it, or that it's even there without at >> least a note in the docs somewhere? > > I'd prefer to have an example as a contrib module, as well as docs. > Quite apart from anything else, how the heck would we test it without > such a thing? I was not sure because no other hooks were documented anywhere else than in the code. I could add a paragraph in the "auth-password" section of client-auth.sgml. Or is there a better place? I could easily write a simple contrib that adds a check for username = password if there is interest. Yours, Laurenz Albe