Re: Rejecting weak passwords
From | Tom Lane |
---|---|
Subject | Re: Rejecting weak passwords |
Date | |
Msg-id | 1403.1254152325@sss.pgh.pa.us |
In response to | Rejecting weak passwords ("Albe Laurenz" <laurenz.albe@wien.gv.at>) |
Responses | Re: Rejecting weak passwords |
List | pgsql-hackers |

"Albe Laurenz" <laurenz.albe@wien.gv.at> writes:
> Tom Lane wrote:
>> Actually there's a much bigger problem with asking the backend to reject
>> weak passwords: what ya gonna do with a pre-MD5'd string? Which is
>> exactly what the backend is going to always get, in a security-conscious
>> environment.

> I'm thinking of the case where somebody changes his or her
> password interactively on the command line, with pgAdmin III,
> or similar. People would hardly use the above in that case,

Really? If pgAdmin has a password-change function that doesn't use
client-side password encryption then somebody should file a bug against
it. Sending unencrypted passwords exposes the password at least to
the postmaster logfile.

createuser has been doing encryption, unless specifically commanded not
to, for a long time.

regards, tom lane
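
Added example, not part of the original message and not PostgreSQL's own code: a sketch of what a server-side strength check can still do once the client sends an MD5-encrypted password. The function `check_password`, its parameters and the role name `alice` are hypothetical; the encoding used is PostgreSQL's MD5 password format, `md5` followed by the hex MD5 of password concatenated with user name.

```python
import hashlib

HEX = set("0123456789abcdef")

def pg_md5_encrypt(password: str, username: str) -> str:
    # PostgreSQL MD5 format: "md5" + hex(md5(password || username)), 35 chars.
    return "md5" + hashlib.md5((password + username).encode("utf-8")).hexdigest()

def is_pre_hashed(secret: str) -> bool:
    # The server can only recognise the shape of an already-encrypted password.
    return len(secret) == 35 and secret.startswith("md5") and set(secret[3:]) <= HEX

def check_password(username: str, secret: str, min_length: int = 8,
                   known_weak: tuple = ()) -> list:
    """Hypothetical server-side policy hook: returns reasons to reject."""
    candidates = (username,) + tuple(known_weak)
    if is_pre_hashed(secret):
        # Length and character rules cannot be evaluated on a hash; the only
        # test left is hashing candidate passwords and comparing the result.
        if any(pg_md5_encrypt(c, username) == secret for c in candidates):
            return ["matches a known-weak candidate"]
        return []
    reasons = []
    if len(secret) < min_length:
        reasons.append("too short")
    if secret in candidates:
        reasons.append("matches a known-weak candidate")
    return reasons

if __name__ == "__main__":
    user = "alice"  # constructed sample role name
    for label, secret in [
        ("plaintext 'abc'", "abc"),
        ("pre-hashed 'abc'", pg_md5_encrypt("abc", user)),
        ("pre-hashed 'alice'", pg_md5_encrypt("alice", user)),
    ]:
        print(label, "->", check_password(user, secret) or "accepted")
```

The three-character password is rejected as plaintext but accepted once pre-hashed, because the length rule has nothing to measure; only candidates the server thinks to hash itself, such as the user name, can still be caught.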