On 5/5/20 7:13 AM, Wolff, Ken L wrote:
> Hi, everyone. Wondering if there’s a way in PostgreSQL to automatically
> lock accounts after a number of failed logins (a security requirement
> for my organization). I’ve been investigating this for a while and the
> only reference I’ve found is to write a hook:
> https://wiki.postgresql.org/images/e/e3/Hooks_in_postgresql.pdf , which
> is a little more involved than I’d hoped. Was hoping there was
> something native available within PostgreSQL.
There is not.
You might want to take a look at this thread:
https://www.postgresql.org/message-id/OF010D9AFE.7D96A308-ON85257AB6.00746957-85257AB6.0074746B%40us.ibm.com
>
> Locking accounts after X number of failed logins is an excellent way to
> defeat brute force attacks, so I’m just wondering if there’s a way to do
> this, other than the aforementioned hook.
>
> This is my first time using this mail list so apologies in advance if
> I’m not following etiquette or doing something incorrectly.
>
> Thanks in advance.
>
> Ken W
>
--
Adrian Klaver
adrian.klaver@aklaver.com