Postgres Pro
Downloads
Home   >   mailing lists

Re: Lock Postgres account after X number of failed logins? - Mailing list pgsql-general

From Stephen Frost
Subject Re: Lock Postgres account after X number of failed logins?
Date
Msg-id 20200506132828.GP13712@tamriel.snowman.net
Whole thread Raw
In response to Re: Lock Postgres account after X number of failed logins?  (Geoff Winkless <pgsqladmin@geoff.dj>)
Responses RE: EXTERNAL: Re: Lock Postgres account after X number of failedlogins?  ("Wolff, Ken L" <ken.l.wolff@lmco.com>)
Re: Lock Postgres account after X number of failed logins?  ("Peter J. Holzer" <hjp-pgsql@hjp.at>)
Re: Lock Postgres account after X number of failed logins?  (Geoff Winkless <pgsqladmin@geoff.dj>)
List pgsql-general
Tree view 
Greetings,

* Geoff Winkless (pgsqladmin@geoff.dj) wrote:
> On Wed, 6 May 2020 at 00:05, Tim Cross <theophilusx@gmail.com> wrote:
> > Where Tom's solution fails is with smaller companies that cannot afford
> > this level of infrastructure.
>
> Is there an objection to openldap? It's lightweight (so could
> reasonably be run on the same hardware without significant impact),
> BSD-ish and mature, and (with the password policy overlay) should
> provide exactly the functionality the OP requested.

LDAP-based authentication in PG involves passing the user's password to
the database server in the clear (or tunneled through SSL, but that
doesn't help if the DB is compromised), so it's really not a good
solution.

Thanks,

Stephen
Attachment

pgsql-general by date:

Previous
From: Ram Pratap Maurya
Date:
Subject: RE: Abnormal Growth of Index Size - Index Size 3x large than table size.
Next
From: Christian Ramseyer
Date:
Subject: Re: Encoding conversion: Use replacement character instead of failingquery with "ERROR: character with byte sequence 0xd0 0xad in encoding "UTF8"has no equivalent in encoding LATIN1" ?