F.24. passwordcheck
The passwordcheck module checks users' passwords whenever they are set with CREATE ROLE or ALTER ROLE. If a password is considered too weak, it will be rejected and the command will terminate with an error.
 
To enable this module, add '$libdir/passwordcheck' to shared_preload_libraries in postgresql.conf, then restart the server.
 
You can adapt this module to your needs by changing the source code. For example, you can use CrackLib to check passwords; this only requires uncommenting two lines in the Makefile and rebuilding the module. (We cannot include CrackLib by default for license reasons.) Without CrackLib, the module enforces a few simple rules for password strength, which you can modify or extend as you see fit.
 
Caution
To prevent unencrypted passwords from being sent across the network, written to the server log or otherwise stolen by a database administrator, PostgreSQL allows the user to supply pre-encrypted passwords. Many client programs make use of this functionality and encrypt the password before sending it to the server. This limits the usefulness of the passwordcheck module, because in that case it can only try to guess the password. For this reason, passwordcheck is not recommended if your security requirements are high. It is more secure to use an external authentication method such as GSSAPI (see Chapter 21) than to rely on passwords within the database.
  
Alternatively, you could modify passwordcheck to reject pre-encrypted passwords, but forcing users to set their passwords in clear text carries its own security risks.
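
The limitation described in the caution above, as an added Python illustration (not the module's own C code): a clear-text password can be tested against strength rules, while a pre-encrypted one in PostgreSQL's MD5 form can only be compared against hashed guesses. The rule set, MIN_LENGTH, the function names and the role name "alice" are assumptions made for this example.

```python
import hashlib

MIN_LENGTH = 8  # assumed policy value for this example


def pg_md5_verifier(password, username):
    """PostgreSQL's MD5 stored form: 'md5' + md5(password || username)."""
    return "md5" + hashlib.md5((password + username).encode()).hexdigest()


def is_md5_verifier(value):
    """True if value has the shape of a pre-encrypted MD5 password."""
    return (len(value) == 35 and value.startswith("md5")
            and all(c in "0123456789abcdef" for c in value[3:]))


def check_password(username, password, guesses=()):
    """Return (accepted, reason) for a password given to CREATE/ALTER ROLE."""
    if is_md5_verifier(password):
        # Only the hash is visible: length and character rules cannot be
        # applied, so the check can only hash guesses and compare.
        for guess in (username, *guesses):
            if pg_md5_verifier(guess, username) == password:
                return False, "pre-encrypted password matches a weak guess"
        return True, "pre-encrypted, strength unknown"
    if len(password) < MIN_LENGTH:
        return False, "too short"
    if username in password:
        return False, "contains the user name"
    if not (any(c.isalpha() for c in password)
            and any(not c.isalpha() for c in password)):
        return False, "needs both letters and non-letters"
    return True, "ok"


if __name__ == "__main__":
    user = "alice"  # constructed sample role name
    for label, pw in [
        ("clear text 'abc'", "abc"),
        ("MD5 of 'abc'", pg_md5_verifier("abc", user)),
        ("MD5 of user name", pg_md5_verifier(user, user)),
    ]:
        print(label, "->", check_password(user, pw))
```

The second case is accepted even though the underlying password is only three characters long, because nothing in the hash reveals that unless the check happens to guess it.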