Greetings, * Tom Lane (t...@sss.pgh.pa.us) wrote: > Michael Banck <michael.ba...@credativ.de> writes: > > The same was requested in https://dba.stackexchange.com/questions/91252/ > > how-to-know-when-postgresql-password-is-changed so I was wondering > > whether this would be a welcome change/addition, or whether people think > > it's not worth bothering to implement it? > > This has all the same practical problems as recording object creation > times, which we're not going to do either. (You can consult the > archives for details, but from memory, the stickiest aspects revolve > around what to do during dump/reload. Although even CREATE OR REPLACE > offers interesting definitional questions. In the end there are just > too many different behaviors that somebody might want.)
I disagree with these being serious practical problems- we just need to decide which was to go when it comes to dump/restore here and there's an awful lot of example systems out there to compare to for this case. > I've heard that if you want to implement a password aging policy, PAM > authentication can manage that for you; but I don't know the details. That's ridiculously ugly; I know, because I've had to do it, more than once. In my view, it's past time to update our password mechanisms to have the features that one expects a serious system to have these days. Thanks! Stephen
signature.asc
Description: PGP signature
