Re: Rejecting weak passwords

Robert Haas wrote:
> On Tue, Sep 29, 2009 at 9:48 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>
>> "Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at> writes:
>>
>>> I thought about it some more, and I think that a password checking
>>> hook might still be somewhat useful even for MD5-encrypted passwords;
>>> the function could guess and exclude at least that dreadful
>>> all-too-frequent case of username = password.
>>>
>> True. You could probably even run through a moderate-size dictionary
>> of weak passwords, depending on how long you're willing to make the
>> user wait. (CHECK_FOR_INTERRUPTS inside the loop would be polite ;-))
>>
>
> But how much value is there in that? This whole thing seems like a
> dead end to me. No matter how long you're willing to wait, putting
> the checking on the client side will let you far more validation for
> the same price.
>
>
>

Why do we need to answer that question? If all we do is provide a hook,
the cost is very low, and the decision on value is left to whoever is
deploying some module to use the hook. And it will let people possibly
implement some password security policy dictated by some PHB, and so
check off a box on a form somewhere. Frankly, real security requires
that you pretty much get out of the password game, but passwords will
undoubtedly be around for a long time, since people will always trade
security for convenience.

cheers

andrew