2009/9/28 Andrew Dunstan <and...@dunslane.net>:
>
>
> Ing. Marcos L. Ortí­z Valmaseda wrote:
>>>
>>> My vote is for #3, if anything.
>>>
>>>
>> You have to analyze all points before to do this. I vote too for the third 
>> option, but you have to be clear that how do you ´ll check the weakness of 
>> the password:
>> 1- For example: the length should be greater that 6 char..
>> 2- The password should be have  a combination fo numbers, letters and others 
>> dots
>>
>> Things like that you have to think very well, or to do a question to the 
>> list asking which are the best options.
>>
>> I think the same about the PAM and LDAP auth
>>
>>
>
> I'm voting for #3 precisely so postgres doesn't have to think about it, and 
> the module author will do all the work implementing whatever rules they want 
> to enforce.

That makes a lot of sense. Then we could perhaps ship a cracklib2
provider in contrib.

-- 
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to