| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> |
| Cc: | "Bossart, Nathan" <bossartn(at)amazon(dot)com>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Euler Taveira <euler(at)timbira(dot)com(dot)br>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Enhancements to passwordcheck |
| Date: | 2017-09-27 22:59:43 |
| Message-ID: | CAB7nPqSxUUXLggijB=bY=iyZqocdEv=W3u9wZMc3CweLQhFEzQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Sep 28, 2017 at 12:06 AM, Alvaro Herrera
<alvherre(at)alvh(dot)no-ip(dot)org> wrote:
> I think a password strength check must live at the end that does the
> encryption -- something like in psql when you do the \password command,
> *before* the encrypted password is sent to the server. Then you can do
> all sort of stuff (... except check for password history).
>
> I think the passwordcheck module as a whole is a dead end, security-
> wise. Myself, I've never seen the point in it. It runs at the wrong
> time, and there's no way to fix that.
Client commands may be run on a trusted network as well, let's not
forget that. But I definitely agree that this is bad practice in
general to not hash passwords beforehand. Another thing that
passwordcheck is good at is being an example of hook use. I would
think that many people refer to it when implementing their own module
for whatever they want.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2017-09-27 23:15:37 | Re: SendRowDescriptionMessage() is slow for queries with a lot of columns |
| Previous Message | Daniel Gustafsson | 2017-09-27 22:59:06 | Re: bgw_type (was Re: Why does logical replication launcher set application_name?) |