On 6/7/13 2:57 PM, Tom Lane wrote: > "Joshua D. Drake" <j...@commandprompt.com> writes: >> I had a customer pulling their hair out today because they couldn't >> login to their system. The error was consistently: > >> 2013-06-07 08:42:44 MST postgres 10.1.11.67 27440 FATAL: password >> authentication failed for user "user > >> However the problem had nothing to do with password authentication. It >> was because the valuntil on the user had been set till a date in the >> past. Now technically if we just removed the word "password" from the >> error it would be accurate but it seems it would be better to say, >> "FATAL: the user "user" has expired". > > I think it's intentional that we don't tell the *client* that level of > detail. I could see emitting a log message about it, but it's not clear > whether that will help an unsophisticated user.
Usually, when I log in somewhere and the password is expired, it tells me that the password is expired. I don't think we gain anything by hiding that from the user. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
