Password complexity/history - credcheck?
Martin Goodson <kaemaril@googlemail.com>
From: Martin Goodson <kaemaril@googlemail.com>
To: pgsql-general@lists.postgresql.org
Date: 2024-06-22T23:28:21Z
Lists: pgsql-general
Hello. Recently our security team have wanted to apply password complexity checks akin to Oracle's profile mechanism to PostgreSQL, checking that a password hasn't been used in x months etc, has minimum length, x special characters and x numeric characters, mixed case etc. As far as I'm aware there's nothing part of the standard 'community edition' which gives us that, apart from passwordcheck - which doesn't give you a password history. Can anyone recommend a good mechanism to accomodate this? Ideally we're looking for something well-established, reliable, and easily configurable. Does anything spring to mind? A colleague has been looking around, and stumbled across https://github.com/MigOpsRepos/credcheck. Does anyone have any positive (or negative) experience with this? I'm happy to download and apply to a test database, obviously, but some indication of whether or not it's worth looking at first would be greatly appreciated. Is this something that the community would recommend? Many thanks! -- Martin Goodson. "Have you thought up some clever plan, Doctor?" "Yes, Jamie, I believe I have." "What're you going to do?" "Bung a rock at it."