Re: Rejecting weak passwords

On Thu, Oct 1, 2009 at 19:07, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Magnus Hagander <magnus@hagander.net> writes:
>> On Thu, Oct 1, 2009 at 17:24, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>>> I agree with the subsequent comments suggesting a sample module that
>>> actually does something useful --- although if it's going to link to
>>> external code like cracklib, it probably is going to have to be on
>>> pgfoundry not in contrib.
>
>> Why is that? we have plenty of other things in contrib that rely on
>> external code, for example the uuid, xml or ssl stuff.
>
> Well, maybe.  I was concerned about availability, portability, license
> compatibility, and so on.  The bar's a lot lower for pgfoundry projects
> on all those points ...

Fair enough. And on the licensing issue.

That said, it would still be good to have something actually *useful*
in contrib. A bit more than just comparing userid and password.
Perhaps at least being able to set the min length, and the requirement
on having >1 "character class"?


-- Magnus HaganderMe: http://www.hagander.net/Work: http://www.redpill-linpro.com/