Re: [GENERAL] create trigger in postgres to check the password strength

Поиск
Список
Период
Сортировка
От Adam Brusselback
Тема Re: [GENERAL] create trigger in postgres to check the password strength
Дата
Msg-id CAMjNa7f4ntAhr_SW-MaWJHpDw8BQoLARNYeK0xJrJn=SBAX5pw@mail.gmail.com
обсуждение исходный текст
Ответ на Re: [GENERAL] create trigger in postgres to check the password strength  (PAWAN SHARMA <er.pawanshr0963@gmail.com>)
Ответы Re: [GENERAL] create trigger in postgres to check the password strength  (PAWAN SHARMA <er.pawanshr0963@gmail.com>)
Список pgsql-general
Дерево обсуждения
Whoops, accidentally sent this to only Pawan instead of the list:

Hey there, so I would highly suggest you avoid arbitrary password strength policies like that.  I wrote a library for my company which we use for password strength estimation, but it is written in Java.  I've been thinking about how to port it to pl/pgsql so it could easily be packaged as an extension and used natively in Postgres, but I just haven't had time to get around to that yet.  Here it is for reference: https://github.com/GoSimpleLLC/nbvcxz

If you're actually interested in having an extension which works like the above, and want to work on porting it, i'd be more than happy to jump in and help out where I can. I just don't have the free cycles to do it my self at the moment.

Now on to your original question...Why wouldn't it be possible to create a trigger on your users table to check the password being inserted, raise an error if it does not meet your requirement, or hash it if it does and continue the insert?  Seems pretty straight forward other than the complexity of actually estimating how secure a password is.

В списке pgsql-general по дате отправления:

Предыдущее
От: PAWAN SHARMA
Дата:
Сообщение: Re: [GENERAL] create trigger in postgres to check the password strength
Следующее
От: PAWAN SHARMA
Дата:
Сообщение: Re: [GENERAL] create trigger in postgres to check the password strength