| Description: | The credcheck PostgreSQL extension provides few general credential checks,
which will be evaluated during the user creation, during the password change
and user renaming. By using this extension, we can define a set of rules:
allow a specific set of credentials
reject a certain type of credentials
deny password that can be easily cracked
enforce use of an expiration date with a minimum of day for a password
define a password reuse policy
define the number of authentication failure allowed before a user is banned
This extension provides all the checks as configurable parameters.
The default configuration settings, will not enforce any complex checks
and will try to allow most of the credentials.
By using SET credcheck.<check-name> TO <some value>; command, enforce new
settings for the credential checks. The settings can only be changed
by a superuser. |
|---|