Re: password strength verification

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



rexmabry@xxxxxxxxx (Rex Mabry) writes:
>  If a company requires a password to be a combination of letters,
>  numbers and special characters. Oracle has a profile setting with a
>  password verify function that can be used to specify a function
>  that can do this.  Does postgres have a setting or function to
>  verify and enforce a password policy?  I am very familiar with
>  pg_hba.conf, but I am looking specifically at passwords.

If I were wanting to enforce this, I think I'd do it via PAM.

That is, I would configure PostgreSQL to use the PAM service (METHOD =
"pam", OPTION = name of PAM service), and configure these requirements
into the PAM service.

There are several alternative indirections available:
 - LDAP authentication would allow you to manage password policy
   in the LDAP instance, quite independent of PostgreSQL.

 - krb5 indicates use of Kerberos, which would, again, keep passwords
   out of PostgreSQL altogether.

With all of these options being readily available for using
centralized authorization management and policy, I don't see any
particular value in duplicating low level security policy mechanisms
in PostgreSQL.
-- 
output = ("cbbrowne" "@" "cbbrowne.com")
http://linuxdatabases.info/info/postgresql.html
"Well, I wish  you'd just  tell me rather   than trying to engage   my
enthusiasm, because I haven't got one." -- Marvin the Paranoid Android

-- 
Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin

[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux