Re: Rejecting weak passwords
| От | Gurjeet Singh |
|---|---|
| Тема | Re: Rejecting weak passwords |
| Дата | |
| Msg-id | 65937bea0909290607t6e6949f8y532d94a68e2ca6ce@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Rejecting weak passwords (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: Rejecting weak passwords
|
| Список | pgsql-hackers |
On Tue, Sep 29, 2009 at 4:49 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
Combining this with other suggestion:
.) Provide a GUC failed_logins_allowed
.) Add MAX FAILED LOGINS option to ADD/ALTER USER, which defaults to the GUC if not provided in the command.
.) Track per-user failed attempt counts in shared catalog, and reset on a successful login.
Best regards,
-- Josh Berkus <josh@agliodbs.com> writes:And the counts would be tracked and enforced where?
> Hmmm, that would be a useful, easy (I think) security feature: add a GUC
> for failed_logins_allowed.
Combining this with other suggestion:
.) Provide a GUC failed_logins_allowed
.) Add MAX FAILED LOGINS option to ADD/ALTER USER, which defaults to the GUC if not provided in the command.
.) Track per-user failed attempt counts in shared catalog, and reset on a successful login.
Best regards,
Lets call it Postgres
EnterpriseDB http://www.enterprisedb.com
gurjeet[.singh]@EnterpriseDB.com
singh.gurjeet@{ gmail | hotmail | indiatimes | yahoo }.com
Twitter: singh_gurjeet
Skype: singh_gurjeet
Mail sent from my BlackLaptop device
В списке pgsql-hackers по дате отправления: