Search Postgresql Archives

Re: Password complexity/history - credcheck?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 23/06/2024 11:49, Christoph Moench-Tegeder wrote:

My advice would be to not use secrets stored in the database -
that is, do not use scram-sha-256 - but use an external authentication
system, like Kerberos (might be AD) or LDAP (might also be AD) and have
that managed by the security team: that way all these compliance

Crikey, that would be  quite a lot of  lot of SSL/TLS to set up. We have quite a few (massive understatement :( ... ) PostgreSQL database clusters spread over quite a lot (another understatement) of VMs.

The last time I suggested LDAP there was a lot of enthusiasm ... until they went down and looked at what might have to be done, after which it all became very quiet ...

Regards,

Martin.



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux