Re: Rejecting weak passwords

From: Bill Moran <wmoran(at)potentialtech(dot)com>
To: "Ing(dot) Marcos L(dot) Ortíz Valmaseda" <mlortiz(at)uci(dot)cu>
Cc: Andrew Dunstan <andrew(at)dunslane(dot)net>, Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Rejecting weak passwords
Date: 2009-09-28 13:24:06
Message-ID: 20090928092406.62dae270.wmoran@potentialtech.com
Lists: pgsql-hackers

In response to "Ing. Marcos L. Ortíz Valmaseda" <mlortiz(at)uci(dot)cu>:

> Andrew Dunstan wrote:
> >
> > Albe Laurenz wrote:
> >> Dear hackers,
> >>
> >> I have been thinking about ways to have PostgreSQL reject
> >> weak passwords.
> >>
> >> I think the standard recommendation is "use PAM and LDAP",
> >> but that requires the user to change the password outside
> >> of PostgreSQL. And who would want to setup and maintain an
> >> LDAP server just for this?

An option here is to have a way for PG to hook in to LDAP/PAM so
that an ALTER ROLE actually changes the LDAP/PAM password.

> >> Since everybody has different ideas what is a good password,
> >> there should be some way to configure that. I've looked at
> >> how Oracle does it, and they simply let you write a
> >> stored procedure that throws an exception if it doesn't
> >> like the password.

[snip]

> >> 3) I have also considered a GUC that points to a loadable
> >> module that performs the password check if set.
> >
> You have to analyze all points before doing this. I too vote for the
> third option, but you have to be clear about how you'll check the
> weakness of the password:
> 1- For example: the length should be greater than 6 chars.
> 2- The password should have a combination of numbers, letters and
> other symbols

I think you've missed the point. If a loadable module is used, then
it can do anything the DBAs need it to. You can write your own module
if you're not happy with those provided. At that point, arguing about
what makes a good password is pretty irrelevant. Note the paragraph
that I didn't snip where Albe points this out.

--
Bill Moran
http://www.potentialtech.com
http://people.collaborativefusion.com/~wmoran/
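To make the "loadable module" option concrete: what follows is an added stand-alone illustration, not code from this thread or from PostgreSQL, of the kind of policy such a module could enforce. It combines the two rules Marcos lists (a minimum length, read here as at least 7 characters, and a mix of character classes) with a role-name check, written in plain C under hypothetical names (`check_password`, `pw_verdict`, `MIN_PASSWORD_LEN`) so it compiles without PostgreSQL headers; in a real module the verdict would be raised as an error to the ALTER ROLE caller, and the sample inputs below are constructed.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Thread wording is "greater than 6 chars"; taken here as at least 7 (an assumption). */
#define MIN_PASSWORD_LEN 7

/* Verdicts a real hook would turn into an error raised to the ALTER ROLE caller. */
typedef enum {
    PW_OK = 0,
    PW_TOO_SHORT,
    PW_TOO_FEW_CLASSES,
    PW_CONTAINS_USERNAME
} pw_verdict;

/* Count how many of the three classes (letters, digits, other) the password uses. */
int count_char_classes(const char *pw)
{
    bool has_alpha = false, has_digit = false, has_other = false;

    for (const unsigned char *p = (const unsigned char *) pw; *p; p++) {
        if (isalpha(*p))
            has_alpha = true;
        else if (isdigit(*p))
            has_digit = true;
        else
            has_other = true;
    }
    return (int) has_alpha + (int) has_digit + (int) has_other;
}

/* Case-insensitive substring test, written out because strcasestr is not standard C. */
static bool contains_ci(const char *haystack, const char *needle)
{
    size_t n = strlen(needle);

    if (n == 0)
        return false;
    for (const char *h = haystack; *h; h++) {
        size_t i;
        for (i = 0; i < n && h[i]; i++) {
            if (tolower((unsigned char) h[i]) != tolower((unsigned char) needle[i]))
                break;
        }
        if (i == n)
            return true;
    }
    return false;
}

/* The policy itself: the part a DBA would replace or extend in their own module. */
pw_verdict check_password(const char *username, const char *password)
{
    if (strlen(password) < MIN_PASSWORD_LEN)
        return PW_TOO_SHORT;
    if (count_char_classes(password) < 2)
        return PW_TOO_FEW_CLASSES;
    if (contains_ci(password, username))
        return PW_CONTAINS_USERNAME;
    return PW_OK;
}

/* Human-readable text for each verdict, as a hook would put into its error message. */
const char *verdict_message(pw_verdict v)
{
    switch (v) {
        case PW_OK:                return "accepted";
        case PW_TOO_SHORT:         return "password is too short";
        case PW_TOO_FEW_CLASSES:   return "password must mix letters, digits or other symbols";
        case PW_CONTAINS_USERNAME: return "password must not contain the role name";
    }
    return "unknown verdict";
}

int main(void)
{
    /* Constructed sample ALTER ROLE inputs; none of these are real credentials. */
    static const struct { const char *user, *pw; } samples[] = {
        {"alice", "abc12"},        /* too short */
        {"alice", "abcdefgh"},     /* letters only */
        {"alice", "Alice2009!"},   /* role name embedded */
        {"alice", "r7$kq!9zLm"},   /* passes all rules */
    };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        pw_verdict v = check_password(samples[i].user, samples[i].pw);
        printf("%-8s %-12s -> %s\n", samples[i].user, samples[i].pw, verdict_message(v));
    }
    return 0;
}
```

The point Bill makes above is visible in the shape of the code: the policy is one function, so a site that wants a different length, a dictionary check or a different set of classes swaps that function rather than arguing about defaults. One limit any such hook has is that it can only inspect a password the server receives in clear text; if the client sends it already hashed (ENCRYPTED PASSWORD with an md5 string), there is no content left to check.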
