Обсуждение: password strength verification
Hi, If a company requires a password to be a combination of letters, numbers and special characters. Oracle has a profile setting with a password verify function that can be used to specify a function that can do this. Does postgres have a setting or function to verify and enforce a password policy? I am very familiar with pg_hba.conf, but I am looking specifically at passwords. |
rexmabry@yahoo.com (Rex Mabry) writes:
> If a company requires a password to be a combination of letters,
> numbers and special characters. Oracle has a profile setting with a
> password verify function that can be used to specify a function
> that can do this. Does postgres have a setting or function to
> verify and enforce a password policy? I am very familiar with
> pg_hba.conf, but I am looking specifically at passwords.
If I were wanting to enforce this, I think I'd do it via PAM.
That is, I would configure PostgreSQL to use the PAM service (METHOD =
"pam", OPTION = name of PAM service), and configure these requirements
into the PAM service.
There are several alternative indirections available:
- LDAP authentication would allow you to manage password policy
in the LDAP instance, quite independent of PostgreSQL.
- krb5 indicates use of Kerberos, which would, again, keep passwords
out of PostgreSQL altogether.
With all of these options being readily available for using
centralized authorization management and policy, I don't see any
particular value in duplicating low level security policy mechanisms
in PostgreSQL.
--
output = ("cbbrowne" "@" "cbbrowne.com")
http://linuxdatabases.info/info/postgresql.html
"Well, I wish you'd just tell me rather than trying to engage my
enthusiasm, because I haven't got one." -- Marvin the Paranoid Android