Re: Rejecting weak passwords
| От | Tom Lane |
|---|---|
| Тема | Re: Rejecting weak passwords |
| Дата | |
| Msg-id | 4848.1255962605@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Re: Rejecting weak passwords ("Albe Laurenz" <laurenz.albe@wien.gv.at>) |
| Ответы |
Re: Rejecting weak passwords
|
| Список | pgsql-hackers |
"Albe Laurenz" <laurenz.albe@wien.gv.at> writes:
> Bruce Momjian wrote:
>> Password checks might include password complexity or non-reuse of
>> passwords. This facility will require the client to send the password to
>> the server in plain-text, so SSL and 'password' authentication is
>> necessary to use this features.
> So in my opinion that should be:
> This facility will require to send new and changed password to
> the server in plain-text, so it will require SSL, and the use
> of encrypted passwords in CREATE/ALTER ROLE will have to be
> disabled.
Actually, not one word of *either* version should be in TODO. All of
that is speculation about policies that a particular add-on module
might or might not choose to enforce.
regards, tom lane
В списке pgsql-hackers по дате отправления: