Re: Rejecting weak passwords
| От | Tom Lane |
|---|---|
| Тема | Re: Rejecting weak passwords |
| Дата | |
| Msg-id | 3043.1255551955@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Re: Rejecting weak passwords (Dave Page <dpage@pgadmin.org>) |
| Список | pgsql-hackers |
Dave Page <dpage@pgadmin.org> writes:
> I said up front this was a box-ticking exercise for these folks,
> however, rather than just tick the box and move on (meh - who cares if
> we can store 2009-02-31 - it stores all the valid dates which are the
> ones that matter :-p ) I prefer to discuss the issue and do the best
> job we can to make it a practical, usable and useful feature - which
> is kinda what we usually pride ourselves in doing!
Well, sure. I just don't want to move backwards on other dimensions
in order to move forward on this one. It's fair to argue that support
of pre-crypted passwords closes only some holes that can be closed in
other ways, but it's equally fair to argue that the limited capability
of a plugin that has to check pre-crypted passwords also represents a
corner case that can be solved in other ways.
regards, tom lane
В списке pgsql-hackers по дате отправления: