From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>, Robert Haas <robertmhaas(at)gmail(dot)com>, Mark Mielke <mark(at)mark(dot)mielke(dot)cc>, Dave Page <dpage(at)pgadmin(dot)org>, Kevin Grittner <Kevin(dot)Grittner(at)wicourts(dot)gov>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Marko Kreen <markokr(at)gmail(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, Greg Stark <gsstark(at)mit(dot)edu>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>, mlortiz <mlortiz(at)uci(dot)cu> |
Subject: | Re: Rejecting weak passwords |
Date: | 2009-10-20 04:08:32 |
Message-ID: | 200910200408.n9K48Wd23470@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Tom Lane wrote:
> "Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at> writes:
> > Bruce Momjian wrote:
> >> Password checks might include password complexity or non-reuse of
> >> passwords. This facility will require the client to send the password to
> >> the server in plain-text, so SSL and 'password' authentication is
> >> necessary to use this features.
>
> > So in my opinion that should be:
> > This facility will require to send new and changed password to
> > the server in plain-text, so it will require SSL, and the use
> > of encrypted passwords in CREATE/ALTER ROLE will have to be
> > disabled.
>
> Actually, not one word of *either* version should be in TODO. All of
> that is speculation about policies that a particular add-on module
> might or might not choose to enforce.
Agreed, updated:
|Allow server-side enforcement of password policies
|Password checks might include password complexity or non-reuse of
passwords. This facility will require the client to send password
creation/changes to the server in plain-text, not MD5.
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
From | Date | Subject | |
---|---|---|---|
Next Message | Greg Smith | 2009-10-20 04:30:26 | Re: per table random-page-cost? |
Previous Message | Jeff Davis | 2009-10-20 03:05:37 | Re: per table random-page-cost? |