Re: [PoC/RFC] Multiple passwords, interval expirations - Mailing list pgsql-hackers

From Bruce Momjian
Subject Re: [PoC/RFC] Multiple passwords, interval expirations
Date
Msg-id ZSLm6j5uOolfVdhv@momjian.us
Whole thread Raw
In response to Re: [PoC/RFC] Multiple passwords, interval expirations  (Gurjeet Singh <gurjeet@singh.im>)
Responses Re: [PoC/RFC] Multiple passwords, interval expirations
List pgsql-hackers
On Sun, Oct  8, 2023 at 10:24:42AM -0700, Gurjeet Singh wrote:
> On Fri, Oct 6, 2023 at 1:46 PM Bruce Momjian <bruce@momjian.us> wrote:
> >
> > On Fri, Oct  6, 2023 at 01:20:03PM -0700, Jeff Davis wrote:
> > > The basic problem, as I see it, is: how do we keep users from
> > > accidentally dropping the wrong password? Generated unique names or
> >
> > I thought we could auto-remove old password if the valid-until date is
> > in the past.
> 
> Autoremoving expired passwords will surprise users, and not in a good
> way. Making a password, even an expired one, disappear from the system
> will lead to astonishment. Among uses of an expired password are cases
> of it acting like a tombstone, and the case where the user may want to
> extend the validity of a password, instead of having to create a new
> one and change application configuration(s) to specify the new
> password.

I was speaking of autoremoving in cases where we are creating a new one,
and taking the previous new one and making it the old one, if that was
not clear.

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EDB                                      https://enterprisedb.com

  Only you can decide what is important to you.



pgsql-hackers by date:

Previous
From: Gurjeet Singh
Date:
Subject: Re: [PoC/RFC] Multiple passwords, interval expirations
Next
From: Gurjeet Singh
Date:
Subject: Re: [PoC/RFC] Multiple passwords, interval expirations