Re: Lock Postgres account after X number of failed logins?

From: Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>
To: "Wolff, Ken L" <ken(dot)l(dot)wolff(at)lmco(dot)com>, "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org>
Subject: Re: Lock Postgres account after X number of failed logins?
Date: 2020-05-05 14:28:18
Message-ID: 885dab4b-e009-47f3-b572-98005ed5252f@aklaver.com
Lists: pgsql-general

On 5/5/20 7:13 AM, Wolff, Ken L wrote:
> Hi, everyone.  Wondering if there’s a way in PostgreSQL to automatically
> lock accounts after a number of failed logins (a security requirement
> for my organization).  I’ve been investigating this for a while and the
> only reference I’ve found is to write a hook:
> https://wiki.postgresql.org/images/e/e3/Hooks_in_postgresql.pdf , which
> is a little more involved than I’d hoped.  Was hoping there was
> something native available within PostgreSQL.

There is not.

You might want to take a look at this thread:

https://www.postgresql.org/message-id/OF010D9AFE.7D96A308-ON85257AB6.00746957-85257AB6.0074746B%40us.ibm.com

>
> Locking accounts after X number of failed logins is an excellent way to
> defeat brute force attacks, so I’m just wondering if there’s a way to do
> this, other than the aforementioned hook.
>
> This is my first time using this mail list so apologies in advance if
> I’m not following etiquette or doing something incorrectly.
>
> Thanks in advance.
>
> Ken W
>

--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com
