Mike Nolan wrote:
> Your new password is 87&3jiwkjIJiwkjikmkq,^^2v12hqIwLbvCQQQi18152
>
>Do not write it down or save it in a password manager, as doing so
>creates security problems.
>
>
There is a solution here.
Initialize passwords with a random string. Flag these accounts as
"Password Temporary." When the user logs in (via the app), prompt
him/her to change his/her password. You can do this latter one by
creating a change_password() function as such....
CREATE FUNCTION change_password(varchar) returns bool as '
DECLARE
passwd ALIAS FOR $1;
query VARCHAR;
BEGIN
query := '' ALTER USER '' || SESSION_USER || ''WITH ENCRYPTED PASSWORD
'' || passwd;
EXECUTE query;
RETURN TRUE;
END;
' LANGUAGE PLPGSQL SECURITY DEFINER;
This is off the top of my head, so something might need to be reordered.
This way you can let users choose their own passwords :-)
If you like you can put other checks in it to make sure you have any
three of uppercase/lowercase/numbers/other characters or whatever else
you like.
Word of caution. DO NOT USE CURRENT_USER instead of SESSION_USER of
else everyone will have access to the superuser account which created
this function :-)
Best Wishes,
Chris Travers
Metatron Technology Consulting
>--
>Mike Nolan
>
>---------------------------(end of broadcast)---------------------------
>TIP 2: Don't 'kill -9' the postmaster
>
>
>
>