Re: Rejecting weak passwords
From | Stephen Frost |
---|---|
Subject | Re: Rejecting weak passwords |
Date | |
Msg-id | 20091014224447.GB17756@tamriel.snowman.net |
In reply to | Re: Rejecting weak passwords (Tom Lane <tgl@sss.pgh.pa.us>) |
Replies | Re: Rejecting weak passwords |
List | pgsql-hackers |
* Tom Lane (tgl@sss.pgh.pa.us) wrote:
> Peter Eisentraut <peter_e@gmx.net> writes:
> > Well, you would lose anyway if the DBA switches the pg_hba.conf setting
> > from md5 to password without telling you.
>
> True :-(. Anybody for a zero-knowledge protocol?
>
> (Realistically, non-password-based auth methods are the only real
> solution here, I fear. We should probably be doing more to encourage
> people to use SSL-cert-based authentication in low-trust situations.)

Or GSSAPI.. Helping users understand how they can leverage their
existing Kerberos or MS SSPI single-sign-on infrastructures to securely
access PG would go a long way to reducing the password-based usage out
there, imo.

Of course, it'd be nice if we supported GSSAPI encrypted transport too.
Separating the encryption into SSL is less than ideal.

Stephen
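The pg_hba.conf change discussed in this message (an entry moved from md5 to password) can be caught by auditing the file. The following is an added example, not code from the thread or from PostgreSQL; the function names and the sample file are constructed, and it assumes fields contain no quoted spaces or `#` characters.

```python
import ipaddress

NETWORK_TYPES = {"host", "hostssl", "hostnossl"}

def _is_ip(token):
    """True if token parses as an IP address (used to spot a separate netmask column)."""
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def audit_pg_hba(text):
    """Return (line_no, severity, message) for password-based network entries."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 5 or fields[0] not in NETWORK_TYPES:
            continue  # blank, comment, local socket, or unsupported line
        # Layout: TYPE DATABASE USER ADDRESS [NETMASK] METHOD [options]
        has_mask = "/" not in fields[3] and len(fields) > 5 and _is_ip(fields[4])
        method = fields[5 if has_mask else 4]
        if method == "password" and fields[0] != "hostssl":
            findings.append((no, "HIGH", "cleartext password may cross the network without TLS"))
        elif method == "password":
            findings.append((no, "MEDIUM", "cleartext password inside TLS; server sees the password"))
        elif method == "md5":
            findings.append((no, "INFO", "password-based; consider cert, gss or sspi"))
    return findings

# Constructed sample, not taken from any real deployment.
SAMPLE = """\
# TYPE  DATABASE USER ADDRESS                   METHOD
local   all      all                            md5
host    all      all  10.0.0.0/8                password
host    app      app  192.168.1.0 255.255.255.0 md5
hostssl all      all  0.0.0.0/0                 cert
hostssl all      all  0.0.0.0/0                 password
host    all      all  10.1.0.0/16               gss
"""

if __name__ == "__main__":
    for finding in audit_pg_hba(SAMPLE):
        print(*finding)
```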