Re: Rejecting weak passwords

Tom Lane escribió:
> Peter Eisentraut <peter_e@gmx.net> writes:
> > On Mon, 2009-10-19 at 14:54 +0200, Albe Laurenz wrote:
> >> I guess I misunderstood something there, but I had assumed that the
> >> checkbox item read something like: "Does the product offer password
> >> policy enforcement?" (to quote Dave Page).
> 
> > The answer to that is currently "Yes, with external tools".  Using the
> > plugin approach, the answer will remain "Yes, with external tools".  So
> > we wouldn't gain much.
> 
> Except that your first statement is false.  It is not possible currently
> for any tool to prevent someone from doing ALTER USER joe PASSWORD joe.
> A server-side plugin can provide a guarantee that there are no bad
> passwords (for some value of bad, and with some possible adverse
> consequences).  We don't have that today.

We do, if you have you server grabbing passwords from LDAP or whatever
external auth service you use.  That would be more secure than anything
mentioned in this thread, because the password enforcement could work on
unencrypted passwords without adverse consequences.

-- 
Alvaro Herrera                                http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.