Pavel Borisov <pashkin.elfe@gmail.com> writes:
> Regarding the fact that using weak passwords isn't limited, I think
> anyone can write an extension that limits (or advises against) weak
> passwords based on the author's definition of weakness, like checking
> by dictionary or so. That's the power of Postgres extensibility. I
> don't like an idea that Postgres core should enforce some arbitrary
> things like "weakness".
It's less easy than it sounds, actually, because current best practice
is that the server will never see the cleartext password at all, so
you can't apply the usual litany of weak-password checks. About all
you can do is apply a brute force rainbow attack, which is far from
cheap (although I guess the DBA could run such checks in the background).
Even that might be rendered infeasible if the password is stored as
a SCRAM verifier; I'm not sure about that. Anyway, this is why
contrib/passwordcheck is a development backwater rather than something
people actually use.
regards, tom lane
