Обсуждение: Password aging

Поиск
Список
Период
Сортировка

Password aging

От
"Heckler, Kim M"
Дата:

All,

 

Is there an extension that provides password aging functionality?  i.e.  requires uses to change password after X number of days from last password change.

 

Thank you.

 

Nationwide is on your side.

Kim M. Heckler

Consultant, Infrastructure Eng

Proud Nationwide Member

Distributed Database Services

W 614-249-3014

C 740-816-0908

kim.heckler@nationwide.com

FORTUNE® and Time Inc. are not affiliated with, and do not endorse the products or services of, Nationwide Mutual Insurance Company.

 

 

 

 

Вложения

Re: Password aging

От
Andrej
Дата:
I'm not aware of any such extension; but similar questions were asked in the past, and the common (and IMHO sensible) response is to tie postgres authentication into an external authentication provider, e.g. LDAP 

Kind regards,
Andrej

On Thu, 6 Feb 2020 at 08:39, Heckler, Kim M <kim.heckler@nationwide.com> wrote:

All,

 

Is there an extension that provides password aging functionality?  i.e.  requires uses to change password after X number of days from last password change.

 

Thank you.

 

Nationwide is on your side.

Kim M. Heckler

Consultant, Infrastructure Eng

Proud Nationwide Member

Distributed Database Services

W 614-249-3014

C 740-816-0908

kim.heckler@nationwide.com

FORTUNE® and Time Inc. are not affiliated with, and do not endorse the products or services of, Nationwide Mutual Insurance Company.

 

 

 

 



--
Please don't top post, and don't use HTML e-Mail :}  Make your quotes concise.

http://www.georgedillon.com/web/html_email_is_evil.shtml
http://www.catb.org/jargon/html/email-style.html
Вложения

Re: Password aging

От
Stephen Frost
Дата:
Greetings,

* Andrej (andrej.groups@gmail.com) wrote:
> I'm not aware of any such extension; but similar questions were asked in
> the past, and the common (and IMHO sensible) response is to tie postgres
> authentication into an external authentication provider, e.g. LDAP

I agree with the idea of tying PG to an external authentication
provider, but I strongly recommend to use GSSAPI and *not* LDAP, as LDAP
based auth is insecure and not needed when you're running an Active
Directory environment (which is a very common use-case that people
have in many places).

Thanks,

Stephen
Вложения

Re: Password aging

От
Gavin Flower
Дата:
On 06/02/2020 08:38, Heckler, Kim M wrote:
>
> All,
>
> Is there an extension that provides password aging functionality?  
> i.e.  requires uses to change password after X number of days from 
> last password change.
>
> Thank you.
>
> Nationwide is on your side.
>
>     
>
> *Kim M. Heckler*
>
> Consultant, Infrastructure Eng
>
> Proud Nationwide Member
>
> Distributed Database Services
>
> W 614-249-3014
>
> C 740-816-0908
>
> kim.heckler@nationwide.com
>
> /FORTUNE® and Time Inc. are not affiliated with, and do not endorse 
> the products or services of, Nationwide Mutual Insurance Company./
>
>     
>
I would strongly recommend not using password aging, as it encourages 
weak passwords -  comon is a base password and a number which is 
incremented.

Suggest longer passwords that include special characters and don't end 
in a number, so they are more difficult to crack.

My 16 character passwords look like:

Y3%oT+]tTrt9G5x:

Generated by program I wrote.


Cheers,
Gavin