PATCH: warn about, and deprecate, clear text passwords
| От | David G. Johnston |
|---|---|
| Тема | PATCH: warn about, and deprecate, clear text passwords |
| Дата | |
| Msg-id | CAKFQuwapQ4egH-o10t_okpJeL+ocST7OEPTfviAABKbUznSVbw@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: PATCH: warn about, and deprecate, clear text passwords (Robert Haas <robertmhaas@gmail.com>) |
| Ответы |
Re: PATCH: warn about, and deprecate, clear text passwords
|
| Список | pgsql-hackers |
On Sunday, March 16, 2025, Robert Haas <robertmhaas@gmail.com> wrote:
WARNING: you just caused a problem for somebody else
The user has no particular reason to care about the fact that the
password they just typed ended up in the log.
It could also be:
warning: your password is known to Big Brother
hint: use psql \password to supply a private password, or see “docs/wiki page” for more details and a way to pre-compute and send a private password via SQL.
Sure, we can’t make them drink, but let’s at least show them where we put the water trough. Some of them will care but be unaware.
We can make it an error later and do nothing, removing the choice but to figure out the proper way of changing their password.
David J.
В списке pgsql-hackers по дате отправления: