Re: Rejecting weak passwords

Albe Laurenz <laurenz.albe@wien.gv.at>

From: "Albe Laurenz" <laurenz.albe@wien.gv.at>
To: "Aidan Van Dyk *EXTERN*" <aidan@highrise.ca>
Cc: "pgsql-hackers" <pgsql-hackers@postgresql.org>
Date: 2009-10-01T15:07:26Z
Lists: pgsql-hackers
Aidan Van Dyk wrote:
> Can we have the check password hook function called in both the
> plaintext/encrypted case, with a flag as to whether it's encrypted or
> not?

It will be called in both cases, and I figured that you can
check yourself the same way that PostgreSQL does:
If isMD5(password), then it is treated as an encrypted password.

Yours,
Laurenz Albe