Home > mailing lists

Re: Locking out a user after several failed login attempts - Mailing list pgsql-novice

From	Jean-Yves F. Barbier
Subject	Re: Locking out a user after several failed login attempts
Date	June 29, 2011 16:00:46
Msg-id	20110629180036.6635c4de@anubis.defcon1 Whole thread Raw
In response to	Re: Locking out a user after several failed login attempts (Mike Thomsen <mikerthomsen@gmail.com>)
Responses	Re: Locking out a user after several failed login attempts ("mark" <dvlhntr@gmail.com>)
List	pgsql-novice

Tree view

On Wed, 29 Jun 2011 11:43:00 -0400, Mike Thomsen <mikerthomsen@gmail.com>
wrote:



> Yes, we're logging all connections to the database.

I'm interested into that (you can it send to me as a PM.)

So, you just have to add a counter to your login table:
      +------------------------------------+
      |                                    |
login attempt-----good----reset CTR to 1   |
      |                                    |
     bad                                   |
      |                                    |
   CTR += 1                                |
      |                                    |
   CTR > 3?-------no-----------------------+
      |
     yes
      |
 revoke connect from bastarduser (until manually re-granted by dbA)
 trigger alarm in security dpt
 send 450kV into user's keyboard

--
Q:    What do you call a half-dozen Indians with Asian flu?
A:    Six sick Sikhs (sic).

pgsql-novice by date:

From: Merlin Moncure
Date: 29 June 2011, 15:48:36
Subject: Re: pg_advisory_locks in a multithreaded application context

From: Daniel Weitzenfeld
Date: 30 June 2011, 07:07:20
Subject: Connecting to PostgreSQL server

Re: Locking out a user after several failed login attempts - Mailing list pgsql-novice

Previous

Next