On Sun, Oct 8, 2023 at 10:24:42AM -0700, Gurjeet Singh wrote: > On Fri, Oct 6, 2023 at 1:46 PM Bruce Momjian <br...@momjian.us> wrote: > > > > On Fri, Oct 6, 2023 at 01:20:03PM -0700, Jeff Davis wrote: > > > The basic problem, as I see it, is: how do we keep users from > > > accidentally dropping the wrong password? Generated unique names or > > > > I thought we could auto-remove old password if the valid-until date is > > in the past. > > Autoremoving expired passwords will surprise users, and not in a good > way. Making a password, even an expired one, disappear from the system > will lead to astonishment. Among uses of an expired password are cases > of it acting like a tombstone, and the case where the user may want to > extend the validity of a password, instead of having to create a new > one and change application configuration(s) to specify the new > password.
I was speaking of autoremoving in cases where we are creating a new one, and taking the previous new one and making it the old one, if that was not clear. -- Bruce Momjian <br...@momjian.us> https://momjian.us EDB https://enterprisedb.com Only you can decide what is important to you.
