Re: MD5 authentication needs help

From: Greg Stark <stark(at)mit(dot)edu>
To: Jim Nasby <Jim(dot)Nasby(at)bluetreble(dot)com>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Bruce Momjian <bruce(at)momjian(dot)us>, Stephen Frost <sfrost(at)snowman(dot)net>
Subject: Re: MD5 authentication needs help
Date: 2015-03-06 11:23:55
Message-ID: CAM-w4HPWhZmbFvX8xPNvLPckkhGWt0gHQjZGJ0J0ySCM_ok3Jw@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Locked accounts are a terrible terrible idea. All they do is hand attackers
an easy DOS vulnerability. They're pure security theatre if your
authentication isn't vulnerable to brute force attacks and an unreliable
band-aid if they are.

Having dealt with mechanisms for locking accounts in other database they're
much more complicated than they appear. You need to deal with different
requirements for different users, have multiple knobs for how it triggers
and resolves, have tools for auditing the connection attempts to determine
if they're legitimate and identify where the incorrect attempts are coming
from, and so on. And all that accomplishes in the best case scenario is
having lots of busy-work support requests responding to locked accounts
and in the worst case scenario upgrading minor issues into major service
outages.

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Amit Kapila 2015-03-06 12:01:54 Re: parallel mode and parallel contexts
Previous Message Ashutosh Bapat 2015-03-06 10:25:45 Re: Join push-down support for foreign tables