Home > mailing lists

Re: Rejecting weak passwords - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Rejecting weak passwords
Date	October 14, 2009 22:23:49
Msg-id	7740.1255558999@sss.pgh.pa.us Whole thread Raw
In response to	Re: Rejecting weak passwords (Peter Eisentraut <peter_e@gmx.net>)
Responses	Re: Rejecting weak passwords
List	pgsql-hackers

Tree view

Peter Eisentraut <peter_e@gmx.net> writes:
> Well, you would lose anyway if the DBA switches the pg_hba.conf setting
> from md5 to password without telling you.

True :-(.  Anybody for a zero-knowledge protocol?

(Realistically, non-password-based auth methods are the only real
solution here, I fear.  We should probably be doing more to encourage
people to use SSL-cert-based authentication in low-trust situations.)
        regards, tom lane

pgsql-hackers by date:

From: Mark Mielke
Date: 14 October 2009, 22:22:27
Subject: Re: Rejecting weak passwords

From: Peter Eisentraut
Date: 14 October 2009, 22:25:13
Subject: Re: Rejecting weak passwords

Re: Rejecting weak passwords - Mailing list pgsql-hackers

Previous

Next