One other topic that is related to this is that we now have a expire date but it would be nice to have a number of days also. This would make it easy to force the user to change their passwords every X days if internal security is being used instead of something like Kerberos or LDAP.
Best Regards Michael Gould >Tom Lane" <[email protected]> wrote: > Craig Ringer <[email protected]> writes: >> Anyway ... I'm curious about whether `SET ROLE rolename WITH PASSWORD' >> is something that's technically practical to implement in PostgreSQL and >> what people think about the idea. > > Seems like it would have all the standard problems with cleartext > passwords being exposed in pg_stat_activity, system logs, etc. > Also, what about people who are using more-secure-than-password > auth methods, like Kerberos? > > I'm not really for it. > > regards, tom lane > > -- > Sent via pgsql-general mailing list ([email protected]) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-general > -- Michael Gould, Managing Partner Intermodal Software Solutions, LLC 904.226.0978 904.592.5250 fax -- Sent via pgsql-general mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
