| From: | "D'Arcy J(dot)M(dot) Cain" <darcy(at)druid(dot)net> |
|---|---|
| To: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
| Cc: | "Roberts, Jon" <Jon(dot)Roberts(at)asurion(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Password policy |
| Date: | 2008-01-16 15:39:21 |
| Message-ID: | 20080116103921.783af659.darcy@druid.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, 16 Jan 2008 08:32:12 -0500
Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
> >> I need to set a basic password policy for accounts but I don't see any
> > Look at my chkpass type in contrib. There is a function to verify the
> > password. It is just a placeholder now but you can modify it to do all
> > your checking.
>
> I assumed he was asking about Postgres level passwords rather than
> passwords maintained by an application. chkpass is only for the latter.
Could be. I saw "accounts" and thought Unix shell or ISP accounts.
> ( Slightly OT - chkpass uses crypt(). Maybe that should be upgraded to
> use md5 or some more modern hashing function. )
Yes, I have said many times that other encryption types could easily be
dropped in. It could even be changed to handle either as long as there
was some way to set the default. However, these things haven't yet
been a requirement for me so I have not bothered yet.
--
D'Arcy J.M. Cain <darcy(at)druid(dot)net> | Democracy is three wolves
http://www.druid.net/darcy/ | and a sheep voting on
+1 416 425 1212 (DoD#0082) (eNTP) | what's for dinner.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Florian G. Pflug | 2008-01-16 16:07:04 | Re: Transaction Snapshot Cloning |
| Previous Message | Kenneth Marshall | 2008-01-16 15:14:20 | Re: WAL logging of hash indexes |