One other topic that is related to this is that we now have a expire date
but it would be nice to have a number of days also. This would make it easy
to force the user to change their passwords every X days if internal
security is being used instead of something like Kerberos or LDAP.
Best Regards
Michael Gould
>Tom Lane" <tgl@sss.pgh.pa.us> wrote:
> Craig Ringer <craig@postnewspapers.com.au> writes:
>> Anyway ... I'm curious about whether `SET ROLE rolename WITH PASSWORD'
>> is something that's technically practical to implement in PostgreSQL and
>> what people think about the idea.
>
> Seems like it would have all the standard problems with cleartext
> passwords being exposed in pg_stat_activity, system logs, etc.
> Also, what about people who are using more-secure-than-password
> auth methods, like Kerberos?
>
> I'm not really for it.
>
> regards, tom lane
>
> --
> Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-general
>
--
Michael Gould, Managing Partner
Intermodal Software Solutions, LLC
904.226.0978
904.592.5250 fax
