Re: Password policy
От | Andrew Dunstan |
---|---|
Тема | Re: Password policy |
Дата | |
Msg-id | 478E075C.4080507@dunslane.net обсуждение исходный текст |
Ответ на | Re: Password policy ("D'Arcy J.M. Cain" <darcy@druid.net>) |
Ответы |
Re: Password policy
Re: Password policy |
Список | pgsql-hackers |
D'Arcy J.M. Cain wrote: > On Tue, 15 Jan 2008 16:11:16 -0600 > "Roberts, Jon" <Jon.Roberts@asurion.com> wrote: > >> I need to set a basic password policy for accounts but I don't see any >> documentation on how to do it. I'm assuming there is a way to do this, >> maybe even with a trigger. >> >> The policy would be something like this: >> 1. Must contain letters and numbers >> 2. Must be at least 8 characters long >> 3. Must contain one special character (#,@,$,%,!, etc) >> 4. Password (not the account) must expire after 90 days >> 5. Must warn users 10 days before the expire to change the password >> > > Look at my chkpass type in contrib. There is a function to verify the > password. It is just a placeholder now but you can modify it to do all > your checking. > > I assumed he was asking about Postgres level passwords rather than passwords maintained by an application. chkpass is only for the latter. ( Slightly OT - chkpass uses crypt(). Maybe that should be upgraded to use md5 or some more modern hashing function. ) cheers andrew
В списке pgsql-hackers по дате отправления: