Enhancements to passwordcheck

From: "Bossart, Nathan" <bossartn(at)amazon(dot)com>
To: "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject: Enhancements to passwordcheck
Date: 2017-09-25 18:04:25
Message-ID: AC785D69-41EC-4D0A-AC37-1F9FF55C9E34@amazon.com
Views: Raw Message | Whole Thread | Download mbox
Thread:
Lists: pgsql-hackers

Hi hackers,

Currently, the passwordcheck module provides a few basic checks to strengthen
passwords. However, any configuration must be ready at compile time, and many
common password requirements cannot be enforced without creating a custom
version of this module. I think there are a number of useful parameters that
could be added to enable common password restrictions, including the following
list, which is based on some asks from our customers:

passwordcheck.min_password_length
passwordcheck.min_uppercase_letters
passwordcheck.min_lowercase_letters
passwordcheck.min_numbers
passwordcheck.min_special_chars
passwordcheck.superuser_can_bypass
passwordcheck.max_expiry_period
passwordcheck.force_new_password

I'd like to use this thread to gauge community interest in adding this
functionality to this module. If there is interest, I'll add it to the next
commitfest.

Nathan

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Fabien COELHO 2017-09-25 18:07:03 Re: PATCH: pgbench - break out timing data for initialization phases
Previous Message Rady, Doug 2017-09-25 18:01:40 PATCH: pgbench - option to build using ppoll() for larger connection counts