Home > mailing lists

Re: [HACKERS] Enhancements to passwordcheck - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: [HACKERS] Enhancements to passwordcheck
Date	September 27, 2017 18:40:32
Msg-id	0c115849-2123-3b3d-55de-fa218f40ef48@2ndquadrant.com Whole thread Raw
In response to	Re: [HACKERS] Enhancements to passwordcheck ("Bossart, Nathan" <bossartn@amazon.com>)
Responses	Re: [HACKERS] Enhancements to passwordcheck ("Bossart, Nathan" <bossartn@amazon.com>)
List	pgsql-hackers

Tree view

On 9/25/17 23:10, Bossart, Nathan wrote:
> One interesting design challenge will be how to handle pre-hashed
> passwords, since the number of checks we can do on those is pretty
> limited.  I'm currently thinking of a parameter that can be used to
> block, allow, or force pre-hashed passwords.

Pre-hashed passwords are the normal case.  You can't break that without
making this module a net loss in security.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

pgsql-hackers by date:

From: Pavel Stehule
Date: 27 September 2017, 18:24:27
Subject: Re: [HACKERS] logical replication and statistics

From: Peter Eisentraut
Date: 27 September 2017, 18:41:49
Subject: Re: [HACKERS] md5 still listed as an option in pg_hba.conf.sample

Re: [HACKERS] Enhancements to passwordcheck - Mailing list pgsql-hackers

Previous

Next