Re: Rejecting weak passwords

Tom Lane wrote:
> Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> > If we were using some kind of real public key system and someone
> > suggested breaking it to add password complexity checking, I would
> > understand the outrage here. But I don't understand why everyone is
> > so worked up about having an *optional* *flag* to force plaintext
> > instead of MD5. I might be wrong here, but can't a determined
> > attacker brute-force an MD5 anyway? The very fact that people are
> > suggesting that password checking might be feasible even on a
> > pre-MD5'd password by using a dictionary suggests that we're not
> > getting a whole lot of real security here. And even if not, dude,
> > it's an *optional* *flag*.
>
> Yes, and it's an optional flag that could perfectly well be implemented
> in the plugin that I think we do have consensus to add a hook for.
> The argument is over why do we need to litter the core system with it.

So, are we agreed to provide a hook on the server side, but to use it
you have to configure your system with SSL and 'password'? I can add
that to the TODO list.

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ If your life is a hard drive, Christ can be your backup. +