Password complexity/history - credcheck?
От | Martin Goodson |
---|---|
Тема | Password complexity/history - credcheck? |
Дата | |
Msg-id | 79692c1a-190c-413e-9442-a14a45c1069d@googlemail.com обсуждение исходный текст |
Ответы |
Re: Password complexity/history - credcheck?
Re: Password complexity/history - credcheck? |
Список | pgsql-general |
Hello. Recently our security team have wanted to apply password complexity checks akin to Oracle's profile mechanism to PostgreSQL, checking that a password hasn't been used in x months etc, has minimum length, x special characters and x numeric characters, mixed case etc. As far as I'm aware there's nothing part of the standard 'community edition' which gives us that, apart from passwordcheck - which doesn't give you a password history. Can anyone recommend a good mechanism to accomodate this? Ideally we're looking for something well-established, reliable, and easily configurable. Does anything spring to mind? A colleague has been looking around, and stumbled across https://github.com/MigOpsRepos/credcheck. Does anyone have any positive (or negative) experience with this? I'm happy to download and apply to a test database, obviously, but some indication of whether or not it's worth looking at first would be greatly appreciated. Is this something that the community would recommend? Many thanks! -- Martin Goodson. "Have you thought up some clever plan, Doctor?" "Yes, Jamie, I believe I have." "What're you going to do?" "Bung a rock at it."
В списке pgsql-general по дате отправления: