"Albe Laurenz" <laurenz.albe@wien.gv.at> writes:
> Tom Lane wrote:
>> Actually there's a much bigger problem with asking the backend to reject
>> weak passwords: what ya gonna do with a pre-MD5'd string? Which is
>> exactly what the backend is going to always get, in a security-conscious
>> environment.
> I'm thinking of the case where somebody changes his or her
> password interactively on the command line, with pgAdmin III,
> or similar. People would hardly use the above in that case,
Really? If pgAdmin has a password-change function that doesn't use
client-side password encryption then somebody should file a bug against
it. Sending unencrypted passwords exposes the password at least to the
postmaster logfile. createuser has been doing encryption, unless
specifically commanded not to, for a long time.
regards, tom lane
