From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Gurjeet Singh <gurjeet(at)singh(dot)im> |
Cc: | Jeff Davis <pgsql(at)j-davis(dot)com>, Nathan Bossart <nathandbossart(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Stephen Frost <sfrost(at)snowman(dot)net>, "Brindle, Joshua" <joshuqbr(at)amazon(dot)com>, Jacob Champion <jchampion(at)timescale(dot)com> |
Subject: | Re: [PoC/RFC] Multiple passwords, interval expirations |
Date: | 2023-10-08 17:29:14 |
Message-ID: | ZSLm6j5uOolfVdhv@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Sun, Oct 8, 2023 at 10:24:42AM -0700, Gurjeet Singh wrote:
> On Fri, Oct 6, 2023 at 1:46 PM Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> >
> > On Fri, Oct 6, 2023 at 01:20:03PM -0700, Jeff Davis wrote:
> > > The basic problem, as I see it, is: how do we keep users from
> > > accidentally dropping the wrong password? Generated unique names or
> >
> > I thought we could auto-remove old password if the valid-until date is
> > in the past.
>
> Autoremoving expired passwords will surprise users, and not in a good
> way. Making a password, even an expired one, disappear from the system
> will lead to astonishment. Among uses of an expired password are cases
> of it acting like a tombstone, and the case where the user may want to
> extend the validity of a password, instead of having to create a new
> one and change application configuration(s) to specify the new
> password.
I was speaking of autoremoving in cases where we are creating a new one,
and taking the previous new one and making it the old one, if that was
not clear.
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EDB https://enterprisedb.com
Only you can decide what is important to you.
From | Date | Subject | |
---|---|---|---|
Next Message | Gurjeet Singh | 2023-10-08 17:50:15 | Re: [PoC/RFC] Multiple passwords, interval expirations |
Previous Message | Gurjeet Singh | 2023-10-08 17:24:42 | Re: [PoC/RFC] Multiple passwords, interval expirations |