Home > mailing lists

Re: Rejecting weak passwords - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Rejecting weak passwords
Date	October 20, 2009 13:42:54
Msg-id	25830.1256046156@sss.pgh.pa.us Whole thread Raw
In response to	Re: Rejecting weak passwords (Magnus Hagander <magnus@hagander.net>)
Responses	Re: Rejecting weak passwords
List	pgsql-hackers

Tree view

Magnus Hagander <magnus@hagander.net> writes:
> 2009/10/19 Tom Lane <tgl@sss.pgh.pa.us>:
>> Now we have a user with name equal to password, which no sane security
>> policy will think is a good thing, but the plugin had no chance to
>> prevent it.

> The big difference is that you need to be superuser to change the name
> of a user, but not to change your own password.

True, but the superuser doesn't necessarily know what the user has
set his password to.
        regards, tom lane

pgsql-hackers by date:

From: Dave Page
Date: 20 October 2009, 12:42:36
Subject: Re: Client application name

From: "Kevin Grittner"
Date: 20 October 2009, 13:58:32
Subject: Re: per table random-page-cost?

Re: Rejecting weak passwords - Mailing list pgsql-hackers

Previous

Next