Scott Marlowe <scott.marlowe@xxxxxxxxx> writes:
> On Thu, Aug 5, 2010 at 2:20 PM, Craig James <craig_james@xxxxxxxxxxxxxx> wrote:
>> A better solution is to implement a password-strength algorithm and require
>> people to select decent passwords to begin with.

> Exactly. If you allow simpler passwords that have to be changed you
> get things like:
> ilovemywife22 md5: b845aec254d018d118fe52c46ee8c98c
> changed to
> ilovemywife23 md5: 8c2b59e4d961478e3a9d5bd94979f329
> You can't tell how close they are by the md5. If you try to prevent
> people from reusing similar passwords, then you have to store either
> the previous passwords (bad security) or something like a soundex of
> the previous password (also bad security.)

A place I know but won't name has a policy of storing your last five
passwords (hopefully in md5'd form, but I don't actually know that) and
not letting you reuse those. Of course this merely encourages people to
use a cycle of six or so passwords, like something they can remember
with one digit tagged on.

The real problem with any such policy is that what you actually want is
for people to use strong passwords that they can remember, and they are
never going to remember a good password if they have to invent a new one
every month. Aforesaid place has an administrative system that I have
to use maybe two or three times a year, with a password change interval
that is shorter than my average time between uses. Am I going to invent
a strong password that I will need to change the very next time I have
use for it? If I take the trouble, will I actually remember it next
time? Not a chance. So I write it down ... and I'm way more security
conscious than most people. Their loss for having a brain-dead password
policy.

regards, tom lane

--
Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin