| From: | "Bossart, Nathan" <bossartn(at)amazon(dot)com> |
|---|---|
| To: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Enhancements to passwordcheck |
| Date: | 2017-09-25 18:04:25 |
| Message-ID: | AC785D69-41EC-4D0A-AC37-1F9FF55C9E34@amazon.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi hackers,
Currently, the passwordcheck module provides a few basic checks to strengthen
passwords. However, any configuration must be ready at compile time, and many
common password requirements cannot be enforced without creating a custom
version of this module. I think there are a number of useful parameters that
could be added to enable common password restrictions, including the following
list, which is based on some asks from our customers:
passwordcheck.min_password_length
passwordcheck.min_uppercase_letters
passwordcheck.min_lowercase_letters
passwordcheck.min_numbers
passwordcheck.min_special_chars
passwordcheck.superuser_can_bypass
passwordcheck.max_expiry_period
passwordcheck.force_new_password
I'd like to use this thread to gauge community interest in adding this
functionality to this module. If there is interest, I'll add it to the next
commitfest.
Nathan
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Fabien COELHO | 2017-09-25 18:07:03 | Re: PATCH: pgbench - break out timing data for initialization phases |
| Previous Message | Rady, Doug | 2017-09-25 18:01:40 | PATCH: pgbench - option to build using ppoll() for larger connection counts |