Re: Password complexity/history - credcheck?

Поиск
Список
Период
Сортировка
От Ron Johnson
Тема Re: Password complexity/history - credcheck?
Дата
Msg-id CANzqJaBT+LPunvKPX=88s9xPDCOyJnTHK_Tpv8K85mchLnyStA@mail.gmail.com
обсуждение исходный текст
Ответ на Password complexity/history - credcheck?  (Martin Goodson <kaemaril@googlemail.com>)
Список pgsql-general
Дерево обсуждения
On Sat, Jun 22, 2024 at 7:28 PM Martin Goodson <kaemaril@googlemail.com> wrote:
Hello.

Recently our security team have wanted to apply password complexity
checks akin to Oracle's profile mechanism to PostgreSQL, checking that a
password hasn't been used in x months

There would have to be a pg_catalog table which stores login history.
 
etc, has minimum length, x special
characters and x numeric characters, mixed case etc.

Is that an after-the-fact scanner (with all the problems Tom mentioned), or is it a client-side "check while you're typing in the new password" scanner?

В списке pgsql-general по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: Password complexity/history - credcheck?
Следующее
От: Muhammad Ikram
Дата:
Сообщение: Re: pg_dump restores as expected on some machines and reports duplicate keys on others