On 10/05/2016 10:25 AM, Daniel-Constantin Mierla wrote:
Hello,
writing here to decide on a topic opened by pull request 779:
what would be a fair size for db column storing a password that one would like to have for proper security?
I would like to make it consistent over all tables that have a password column by defining a xml entity for the size of these columns. The pull request suggests 64 chars, has anyone other opinions on making it larger or smaller?
If they are defined varchar, then should not be a problem of allocated size, so we can go with 128 if someone feels it worth doing larger now so we don't have to change it again in the near future.
This change is about db schema, the modules I expect to work with allocated strings (or have length checks) in this case and should not be affected.
Cheers, Daniel
Although I can see why someone might consider the need for larger than varchar 64, I really don't see a need for it. Assuming if you needed more characters it would probably be time to use additional authentication methods.
I believe Polycom still max's out at 32.
--fred