Re: Removing a user's password

Tom Lane wrote:
> Bruce Momjian <pgman@candle.pha.pa.us> writes:
> > What capabilities do we have for removing a user's password?
> 
> If you set VALID UNTIL to 'now' (or sometime in the past), you've
> effectively prevented him from logging in with the password ---
> more effectively than setting the password to NULL, since if the
> user is still logged in he can just undo that.  I don't think we
> really need to do anything more here.

Well, can they undo the VALID UNTIL too?  I think at a minimum we need
to document the proper procedure for removing a password.  I see NULL as
a more logical way of removing the password rather than playing with
VALID UNTIL.

--  Bruce Momjian                        |  http://candle.pha.pa.us pgman@candle.pha.pa.us               |  (610)
359-1001+  If your life is a hard drive,     |  13 Roberts Road +  Christ can be your backup.        |  Newtown Square,
Pennsylvania19073