Search Postgresql Archives

Re: Credcheck- credcheck.max_auth_failure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Dec 16, 2024 at 8:10 AM Greg Sabino Mullane <htamfids@xxxxxxxxx> wrote:
On Mon, Dec 16, 2024 at 5:32 AM 張宸瑋 <kenny020307@xxxxxxxxx> wrote:
We have both regular accounts and system accounts. For regular accounts, we still require password complexity and the lockout functionality after multiple failed login attempts.

Again, what is the threat model here?

I would not be surprised if the "threat model" is security auditors.
 
Most people have their password in a .pgpass file or similar, so it seems this only adds complexity and annoyance without any real benefit.

Mostly, people do not log into our PG instances. 99% of connections are from application service accounts via JDBC.

--
Death to <Redacted>, and butter sauce.
Don't boil me, I'm still alive.
<Redacted> lobster!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux