Home > mailing lists

Re: Rejecting weak passwords - Mailing list pgsql-hackers

From	Bruce Momjian
Subject	Re: Rejecting weak passwords
Date	October 16, 2009 17:35:15
Msg-id	200910161734.n9GHYio03654@momjian.us Whole thread Raw
In response to	Re: Rejecting weak passwords (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Rejecting weak passwords
List	pgsql-hackers

Tree view

Tom Lane wrote:
> Bruce Momjian <bruce@momjian.us> writes:
> > So, are we agreed to provide a hook on the server side, but to use it
> > you have to configure your system with SSL and 'password'?  I can add
> > that to the TODO list.
> 
> I think we're agreed to provide the hook.  What restrictions the hook
> might enforce are not our concern.

Great, added to TODO:
Allow server-side enforcement of password policies    Password checks might include password complexity or non-reuse
ofpasswords.This facility will require the client to send the password tothe server in plain-text, so SSL and
'password'authentication isnecessary to use this features.        *
http://archives.postgresql.org/pgsql-hackers/2009-09/msg01766.php       *
http://archives.postgresql.org/pgsql-hackers/2009-10/msg00025.php

--  Bruce Momjian  <bruce@momjian.us>        http://momjian.us EnterpriseDB
http://enterprisedb.com
 + If your life is a hard drive, Christ can be your backup. +

pgsql-hackers by date:

From: Tom Lane
Date: 16 October 2009, 17:33:28
Subject: Re: Reworks for Access Control facilities (r2363)

From: Bruce Momjian
Date: 16 October 2009, 17:41:05
Subject: Re: Rejecting weak passwords

Re: Rejecting weak passwords - Mailing list pgsql-hackers

Previous

Next