Home > mailing lists

Re: Rejecting weak passwords - Mailing list pgsql-hackers

From	Itagaki Takahiro
Subject	Re: Rejecting weak passwords
Date	November 18, 2009 04:50:44
Msg-id	20091118145109.A4BD.52131E4D@oss.ntt.co.jp Whole thread Raw
In response to	Re: Rejecting weak passwords ("Albe Laurenz" <laurenz.albe@wien.gv.at>)
Responses	Re: Rejecting weak passwords Re: Rejecting weak passwords Re: Rejecting weak passwords
List	pgsql-hackers

Tree view

"Albe Laurenz" <laurenz.albe@wien.gv.at> wrote:

> Heikki Linnakangas wrote:
> > I think it would better to add an explicit "isencrypted" parameter to
> > the check_password_hook function, rather than require the module to do
> > isMD5 on the password.
> 
> I agree on the second point, and I changed the patch accordingly.
> Here's the latest version.

Looks good. I change status of the patch to "Ready for Committer".

BTW, it might not be a work for this patch, we also need to
reject too long "VALID UNTIL" setting. If the password is
complex, we should not use the same password for a long time.

Regards,
---
ITAGAKI Takahiro
NTT Open Source Software Center

pgsql-hackers by date:

From: "Joshua D. Drake"
Date: 18 November 2009, 04:12:45
Subject: Re: plpgsql: open for execute - add USING clause

From: Pavel Stehule
Date: 18 November 2009, 04:56:10
Subject: Re: plpgsql: open for execute - add USING clause

Re: Rejecting weak passwords - Mailing list pgsql-hackers

Previous

Next