Re: Passwordcheck configuration

2020-03-23 Thread Stephen Frost
Greetings, * Dave Hughes (dhughe...@gmail.com) wrote: > Thank you for the information! This issue originated from a Department of > Defense STIG (Security Technical Implementation Guides). It's a security > check that applications and databases have to go through. I'll just leave > this one as

Re: Passwordcheck configuration

2020-03-23 Thread Stephen Frost
Greetings, * Tom Lane (t...@sss.pgh.pa.us) wrote: > Dave Hughes writes: > > I have a requirement to set some password complexity for our database such > > as length of password, upper case, lower case, special characters, > > expiration limit, reuse, etc. > > Usually, if you have to do something

Re: Passwordcheck configuration

2020-03-23 Thread Laurenz Albe
On Fri, 2020-03-20 at 12:30 -0400, Dave Hughes wrote: > Thank you for the information! This issue originated from a Department of > Defense STIG > (Security Technical Implementation Guides). It's a security check that > applications > and databases have to go through. I'll just leave this one

Re: Passwordcheck configuration

2020-03-22 Thread Michael Paquier
On Thu, Mar 19, 2020 at 07:19:06PM -0400, Tom Lane wrote: > passwordcheck hasn't got any out-of-the-box configurability. It's mainly > meant as sample code that people could modify if they have a mind to. Here is an example: https://github.com/michaelpq/pg_plugins/tree/master/passwordcheck_extra

Re: Passwordcheck configuration

2020-03-20 Thread Ron
On 3/19/20 6:19 PM, Tom Lane wrote: Dave Hughes writes: I have a requirement to set some password complexity for our database such as length of password, upper case, lower case, special characters, expiration limit, reuse, etc. Usually, if you have to do something like that, we recommend setti

Re: Passwordcheck configuration

2020-03-20 Thread Dave Hughes
Thank you for the information! This issue originated from a Department of Defense STIG (Security Technical Implementation Guides). It's a security check that applications and databases have to go through. I'll just leave this one as a "finding" since there isn't a way to really configure it to t

Re: Passwordcheck configuration

2020-03-19 Thread Tom Lane
Dave Hughes writes: > I have a requirement to set some password complexity for our database such > as length of password, upper case, lower case, special characters, > expiration limit, reuse, etc. Usually, if you have to do something like that, we recommend setting PG to use PAM authentication a

Passwordcheck configuration

2020-03-19 Thread Dave Hughes
Hello, I have a requirement to set some password complexity for our database such as length of password, upper case, lower case, special characters, expiration limit, reuse, etc. I saw there was a module you can use for this called passwordcheck. Seems easy to install, but I don't see how you can