| From: | Bertrand Drouvot <bertranddrouvot(dot)pg(at)gmail(dot)com> |
|---|---|
| To: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
| Cc: | Emanuele Musella <emamuse86(at)gmail(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Parametrization minimum password lenght |
| Date: | 2024-12-19 07:25:30 |
| Message-ID: | Z2PKagtsPVs4wTNf@ip-10-97-1-34.eu-west-3.compute.internal |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
On Wed, Dec 18, 2024 at 02:56:24PM -0600, Nathan Bossart wrote:
> Here is what I have staged for commit.
Thanks!
A few comments:
=== 1
+ if (pwdlen < min_password_length)
ereport(ERROR,
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
errmsg("password is too short")));
Now that the minimum password length is not "hardcoded" anymore, I wonder if it
wouldn't be better to provide more details here (pwdlen and min_password_length).
Suggestion in on_top_of_0001.txt attached.
=== 2
+ /* Define custom GUC variables. */
+ DefineCustomIntVariable("passwordcheck.min_password_length",
+ "Minimum allowed password length.",
+ NULL,
+ &min_password_length,
+ 8,
+ 0, INT_MAX,
Since password must contain both letters and nonletters, 0 seems too low. I
wonder if 2 is not a better value (done in on_top_of_0001.txt attached).
Also, it seems to me that INT_MAX is too large (as mentioned in [1]), but that's
probably a nit.
[1]: https://www.postgresql.org/message-id/Zzzmw4IAvrypmFO4%40ip-10-97-1-34.eu-west-3.compute.internal
Regards,
--
Bertrand Drouvot
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com
| Attachment | Content-Type | Size |
|---|---|---|
| on_top_of_0001.txt | text/plain | 1.4 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2024-12-19 07:25:51 | Re: proposal: schema variables |
| Previous Message | jian he | 2024-12-19 06:48:05 | Re: New "single" COPY format |