Re: Credcheck- credcheck.max_auth_failure

From: Greg Sabino Mullane <htamfids(at)gmail(dot)com>
To: Ron Johnson <ronljohnsonjr(at)gmail(dot)com>
Cc: "pgsql-generallists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org>
Subject: Re: Credcheck- credcheck.max_auth_failure
Date: 2024-12-11 20:00:45
Message-ID: CAKAnmmJa8KPT0ievMUZK23_cHWBhL2jHKLUwkB_XpVCLDZsa9g@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On Wed, Dec 11, 2024 at 1:44 PM Ron Johnson <ronljohnsonjr(at)gmail(dot)com> wrote:

> Isn't this a pretty common password setting? I know that for at least 35
> years, and going back to the VAX/VMS days I've been locked out for X hours
> if I typed an invalid password. Same on Windows and I think also Linux
> (though ssh public keys and clients remembering passwords mean that rarely
> happens to me).

Not in the same way, no. There are tools/policies that will stop one from
connecting endlessly from the same IP. Certainly on Linux, you can try over
and over. Matter of fact, here's a random Linux test box I have on the
internet, and logging in to root just gave me this message today:

*Last login: Tue Dec 3 19:12:22 EST 2024 on pts/0 *
*There were 79522 failed login attempts since the last successful login*

:)

Cheers,
Greg

In response to

Browse pgsql-general by date

  From Date Subject
Next Message Adrian Klaver 2024-12-11 20:11:55 Re: Credcheck- credcheck.max_auth_failure
Previous Message Bharani SV-forum 2024-12-11 19:12:44 Additional Help in vetting my steps for Postgres DB upgrade from Ver 13.X to ver 15.X