Skip site navigation (1) Skip section navigation (2)

Rejecting weak passwords

From: "Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at>
To: <pgsql-hackers(at)postgresql(dot)org>
Subject: Rejecting weak passwords
Date: 2009-09-28 09:54:17
Message-ID: D960CB61B694CF459DCFB4B0128514C203937F49@exadv11.host.magwien.gv.at (view raw or flat)
Thread:
Lists: pgsql-hackers
Dear hackers,

I have been thinking about ways to have PostgreSQL reject
weak passwords.

I think the standard recommendation is "use PAM and LDAP",
but that requires the user to change the password outside
of PostgreSQL. And who would want to setup and maintain an
LDAP server just for this?

Since everybody has different ideas what is a good password,
there should be some way to configure that. I've looked at
how Oracle does it, and they simply let you write a
stored procedure that throws an exception if it doesn't
like the password.
Since users are on cluster level and functions live in
databases, that won't work in PostgreSQL.

I have come up with an idea or two and like to hear your
opinion.

1) One could have a set of GUCs like min_password_length,
   min_password_nonchars and similar that everybody
   could configure. This is not extremely flexible though.
2) Another idea would be a GUC that contains a regular
   expression that a password may *not* match.
   Perhaps that's too limiting too.
3) I have also considered a GUC that points to a loadable
   module that performs the password check if set.

Are there better ways?

Yours,
Laurenz Albe

Responses

pgsql-hackers by date

Next:From: Itagaki TakahiroDate: 2009-09-28 10:08:43
Subject: Re: CREATE LIKE INCLUDING COMMENTS and STORAGES
Previous:From: Pavel StehuleDate: 2009-09-28 09:50:54
Subject: Re: Issues for named/mixed function notation patch

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group