Re: Rejecting weak passwords

Andrew Dunstan wrote:
>>> So here's the patch.
>>> I don't think there is documentation required;
>>> correct me if I am wrong.
>>
>> How will people know how to use it, or that it's even there without at
>> least a note in the docs somewhere?
>
> I'd prefer to have an example as a contrib module, as well as docs.
> Quite apart from anything else, how the heck would we test it without
> such a thing?

I was not sure because no other hooks were documented anywhere else
than in the code.

I could add a paragraph in the "auth-password" section of
client-auth.sgml. Or is there a better place?

I could easily write a simple contrib that adds a check for
username = password if there is interest.

Yours,
Laurenz Albe