| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | "D'Arcy J(dot)M(dot) Cain" <darcy(at)druid(dot)net> |
| Cc: | "Roberts, Jon" <Jon(dot)Roberts(at)asurion(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Password policy |
| Date: | 2008-01-16 13:32:12 |
| Message-ID: | 478E075C.4080507@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
D'Arcy J.M. Cain wrote:
> On Tue, 15 Jan 2008 16:11:16 -0600
> "Roberts, Jon" <Jon(dot)Roberts(at)asurion(dot)com> wrote:
>
>> I need to set a basic password policy for accounts but I don't see any
>> documentation on how to do it. I'm assuming there is a way to do this,
>> maybe even with a trigger.
>>
>> The policy would be something like this:
>> 1. Must contain letters and numbers
>> 2. Must be at least 8 characters long
>> 3. Must contain one special character (#,@,$,%,!, etc)
>> 4. Password (not the account) must expire after 90 days
>> 5. Must warn users 10 days before the expire to change the password
>>
>
> Look at my chkpass type in contrib. There is a function to verify the
> password. It is just a placeholder now but you can modify it to do all
> your checking.
>
>
I assumed he was asking about Postgres level passwords rather than
passwords maintained by an application. chkpass is only for the latter.
( Slightly OT - chkpass uses crypt(). Maybe that should be upgraded to
use md5 or some more modern hashing function. )
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gokulakannan Somasundaram | 2008-01-16 13:49:55 | Re: Some ideas about Vacuum |
| Previous Message | Zeugswetter Andreas ADI SD | 2008-01-16 13:13:41 | Re: Declarative partitioning grammar |