| From: | "Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at> |
|---|---|
| To: | "Tom Lane *EXTERN*" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "Andrew Dunstan" <andrew(at)dunslane(dot)net>, "mlortiz" <mlortiz(at)uci(dot)cu>, "Magnus Hagander" <magnus(at)hagander(dot)net>, "pgsql-hackers" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Rejecting weak passwords |
| Date: | 2009-09-28 15:31:37 |
| Message-ID: | D960CB61B694CF459DCFB4B0128514C203937F4E@exadv11.host.magwien.gv.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
> Actually there's a much bigger problem with asking the backend to reject
> weak passwords: what ya gonna do with a pre-MD5'd string? Which is
> exactly what the backend is going to always get, in a security-conscious
> environment.
You mean if the password is set with
CREATE/ALTER ROLE x ENCRYPTED PASSWORD 'md5string' ?
That could not be checked of course...
I'm thinking of the case where somebody changes his or her
password interactively on the command line, with pgAdmin III,
or similar. People would hardly use the above in that case,
and you can do it safely over SSL encrypted connections.
Given the feedback by everybody (thanks!) I will investigate
the option of a loadable module or some other kind of hook.
Is there code in PostgreSQL that uses something like that
to get me started?
Yours,
Laurenz Albe
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Marko Tiikkaja | 2009-09-28 15:31:59 | Re: Using results from INSERT ... RETURNING |
| Previous Message | Tom Lane | 2009-09-28 15:06:15 | Re: Rejecting weak passwords |