Re: PostgreSQL db password policy

Started by sudesh mohane over 7 years ago | 4 messages | bugs
#1 sudesh mohane
smohane@gmail.com

Hello Team,

We are using a PostgreSQL DB for one of our projects. By default the DB
accepts any password. However, the client needs a password policy.

We want to implement a password policy (e.g. password expiry, password
length, etc.) in PostgreSQL.

Can you please advise how to achieve this in PostgreSQL?

Regards,
Sudesh Mohane

#2 Anthony Sotolongo
asotolongo@gmail.com
In reply to: sudesh mohane (#1)

Hi Sudesh Mohane,

That's not an error, so this is not the list.

By the way, you can check the passwordcheck extension:
https://www.postgresql.org/docs/11/passwordcheck.html

Or check the extension passwordcheck_extra, by M. Paquier:

https://github.com/michaelpq/pg_plugins/tree/master/passwordcheck_extra

For password expiry, you can use CREATE USER with the VALID UNTIL option.

Regards

On Tue, Dec 4, 2018 at 10:05, sudesh mohane (<smohane@gmail.com>)
wrote:


Hello Team,

We are using a PostgreSQL DB for one of our projects. By default the DB
accepts any password. However, the client needs a password policy.

We want to implement a password policy (e.g. password expiry, password
length, etc.) in PostgreSQL.

Can you please advise how to achieve this in PostgreSQL?

Regards,
Sudesh Mohane

#3 David Fetter
david@fetter.org
In reply to: sudesh mohane (#1)

On Tue, Dec 04, 2018 at 05:15:25PM +0530, sudesh mohane wrote:

Hello Team,

We are using a PostgreSQL DB for one of our projects. By default the DB
accepts any password. However, the client needs a password policy.

We want to implement a password policy (e.g. password expiry, password
length, etc.) in PostgreSQL.

Unless your client has regulatory requirements for password
expiration, you should discourage them in the strongest possible terms
from implementing one.

https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/SoLongAndNoThanks.pdf

Best,
David.
--
David Fetter <david(at)fetter(dot)org> http://fetter.org/
Phone: +1 415 235 3778

Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate

#4 Michael Paquier
michael@paquier.xyz
In reply to: Anthony Sotolongo (#2)

On Tue, Dec 04, 2018 at 11:57:53AM -0300, Anthony Sotolongo wrote:

or check the extension passwordcheck_extra, by M. Paquier
https://github.com/michaelpq/pg_plugins/tree/master/passwordcheck_extra

For password expiry, you can use CREATE USER with the VALID UNTIL option.

That's one possibility, I have no idea if anybody is packaging it
and I don't have any plans to submit new RPMs, so if this is not
available you will need to compile it yourself. Even with that, I think
that you had better avoid passing a raw password string through the
network.
--
Michael
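
Added example, not part of the thread and not code from any of its authors: one way to combine the VALID UNTIL suggestion from #2 with the advice in #4 not to send the raw password over the network. The script applies a length rule on the client, because the passwordcheck documentation notes that a pre-hashed password cannot be fully checked on the server, and emits an ALTER ROLE statement carrying only a scram-sha-256 verifier. The minimum length, the ASCII-only restriction (used here in place of SASLprep normalization) and the helper names are assumptions made for this example.

```python
import base64
import datetime
import hashlib
import hmac
import os

MIN_LENGTH = 12  # assumed policy value, not taken from the thread


def scram_verifier(password, salt=None, iterations=4096):
    """Return the verifier string PostgreSQL stores for scram-sha-256."""
    if salt is None:
        salt = os.urandom(16)
    salted = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    b64 = lambda raw: base64.b64encode(raw).decode("ascii")
    return f"SCRAM-SHA-256${iterations}:{b64(salt)}${b64(stored_key)}:{b64(server_key)}"


def matches(password, verifier):
    """Recompute the verifier with its own salt and iteration count."""
    head, _keys = verifier.split("$")[1:]
    iterations, salt = head.split(":")
    again = scram_verifier(password, base64.b64decode(salt), int(iterations))
    return hmac.compare_digest(again, verifier)


def alter_role_sql(role, password, valid_until):
    """Check the policy locally, then build SQL that never contains the password."""
    if not password.isascii():
        raise ValueError("non-ASCII passwords need SASLprep, not handled here")
    if len(password) < MIN_LENGTH:
        raise ValueError(f"password shorter than {MIN_LENGTH} characters")
    if role.lower() in password.lower():
        raise ValueError("password must not contain the role name")
    if not isinstance(valid_until, datetime.date):
        raise TypeError("valid_until must be a date")
    ident = '"' + role.replace('"', '""') + '"'  # quote the identifier
    return (f"ALTER ROLE {ident} PASSWORD '{scram_verifier(password)}' "
            f"VALID UNTIL '{valid_until.isoformat()}';")


if __name__ == "__main__":
    # Constructed sample values for illustration only.
    print(alter_role_sql("app_user", "correct horse battery", datetime.date(2019, 6, 1)))
```

The printed statement can be run through any client; the server stores the verifier as given, and only the verifier appears in the statement text.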