Re: Password settings requirements

From Agil Azimov
Subject Re: Password settings requirements
Date
Msg-id CAEQStSu8v2C8sJcMxk_h=9Kq=Ano0T8kXg6a0L9iOZ8UTVpwBQ@mail.gmail.com
In reply to Re: Password settings requirements  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: Password settings requirements  (Bruce Momjian <bruce@momjian.us>)
List pgsql-novice
Thank you for your message. Will I be able to set all the settings I mentioned before if I set SCRAM?

On Tue, 12 Oct 2021, 7:53 pm Tom Lane, <tgl@sss.pgh.pa.us> wrote:
Agil Azimov <agil.azimov@gmail.com> writes:
> Need to check the password settings in postgre such as Password minimal
> length, password complexity, password maximal age, password history and
> account lockout threshold.
> I need to set these parameters to make them comply with the best practices

If you're intent on doing things that way, you can set up Postgres
to use PAM authentication, and then the PAM end of things can be
configured with all kinds of options like that.

Personally though, I'd push back on those requirements.  The fundamental
problem with doing anything like that is that you cannot check password
length, complexity, etc without users having to send their cleartext
passwords to the server, which is a much bigger security fail than
anything appearing on your list.  Best practice these days is to use
SCRAM, which never exposes the cleartext password to the server.

                        regards, tom lane
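As an added illustration, not part of this thread, here is what Tom's SCRAM recommendation looks like in practice on PostgreSQL 10 or later, together with an audit query for roles that still carry a legacy MD5 hash. The role name app_user and the expiry date are constructed placeholders.

```sql
-- Server side: store newly set passwords as SCRAM-SHA-256 verifiers
-- instead of MD5 hashes. Equivalent to password_encryption = 'scram-sha-256'
-- in postgresql.conf; pg_reload_conf() makes the change take effect.
ALTER SYSTEM SET password_encryption = 'scram-sha-256';
SELECT pg_reload_conf();

-- Create a login role whose verifier is stored under the new scheme.
-- VALID UNTIL covers the "password maximal age" item from the list
-- without the server needing the cleartext at login time.
-- (app_user and the date are hypothetical values.)
CREATE ROLE app_user LOGIN PASSWORD 'CHANGE-ME-placeholder' VALID UNTIL '2025-01-01';

-- Audit: every login role whose stored secret does not begin with
-- SCRAM-SHA-256$ still relies on the legacy md5 scheme (or has none) and
-- cannot authenticate through a scram-sha-256 pg_hba.conf rule until its
-- password is set again.
SELECT rolname,
       CASE WHEN rolpassword LIKE 'SCRAM-SHA-256$%' THEN 'scram'
            WHEN rolpassword LIKE 'md5%'            THEN 'md5 (legacy)'
            WHEN rolpassword IS NULL                THEN 'no password'
            ELSE 'other' END AS scheme
FROM pg_authid
WHERE rolcanlogin
ORDER BY rolname;
```

Two caveats a reviewer would add. First, a password given as a literal in CREATE ROLE or ALTER ROLE travels to the server inside the SQL text and can end up in logs; psql's \password command instead computes the SCRAM verifier on the client, so the server only ever receives the hash. Second, the stored verifier is only half of the picture: the matching pg_hba.conf rule must use the scram-sha-256 method (for example `host all all 0.0.0.0/0 scram-sha-256`), and the PAM route Tom mentions is selected the same way with the pam method and its pamservice option, at the cost he describes of the cleartext password reaching the server.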
