Обсуждение: Password aging
All,
Is there an extension that provides password aging functionality? i.e. requires uses to change password after X number of days from last password change.
Thank you.
Kim M. Heckler Consultant, Infrastructure Eng Proud Nationwide Member Distributed Database Services W 614-249-3014 C 740-816-0908 kim.heckler@nationwide.com | |
FORTUNE® and Time Inc. are not affiliated with, and do not endorse the products or services of, Nationwide Mutual Insurance Company. |
|
|
Вложения
All,
Is there an extension that provides password aging functionality? i.e. requires uses to change password after X number of days from last password change.
Thank you.
Kim M. Heckler
Consultant, Infrastructure Eng
Proud Nationwide Member
Distributed Database Services
W 614-249-3014
C 740-816-0908
FORTUNE® and Time Inc. are not affiliated with, and do not endorse the products or services of, Nationwide Mutual Insurance Company.
http://www.georgedillon.com/web/html_email_is_evil.shtml
http://www.catb.org/jargon/html/email-style.html
Вложения
Greetings, * Andrej (andrej.groups@gmail.com) wrote: > I'm not aware of any such extension; but similar questions were asked in > the past, and the common (and IMHO sensible) response is to tie postgres > authentication into an external authentication provider, e.g. LDAP I agree with the idea of tying PG to an external authentication provider, but I strongly recommend to use GSSAPI and *not* LDAP, as LDAP based auth is insecure and not needed when you're running an Active Directory environment (which is a very common use-case that people have in many places). Thanks, Stephen
Вложения
On 06/02/2020 08:38, Heckler, Kim M wrote: > > All, > > Is there an extension that provides password aging functionality? > i.e. requires uses to change password after X number of days from > last password change. > > Thank you. > > Nationwide is on your side. > > > > *Kim M. Heckler* > > Consultant, Infrastructure Eng > > Proud Nationwide Member > > Distributed Database Services > > W 614-249-3014 > > C 740-816-0908 > > kim.heckler@nationwide.com > > /FORTUNE® and Time Inc. are not affiliated with, and do not endorse > the products or services of, Nationwide Mutual Insurance Company./ > > > I would strongly recommend not using password aging, as it encourages weak passwords - comon is a base password and a number which is incremented. Suggest longer passwords that include special characters and don't end in a number, so they are more difficult to crack. My 16 character passwords look like: Y3%oT+]tTrt9G5x: Generated by program I wrote. Cheers, Gavin