D'Arcy J.M. Cain wrote:
> On Tue, 15 Jan 2008 16:11:16 -0600
> "Roberts, Jon" <Jon.Roberts@asurion.com> wrote:
>
>> I need to set a basic password policy for accounts but I don't see any
>> documentation on how to do it. I'm assuming there is a way to do this,
>> maybe even with a trigger.
>>
>> The policy would be something like this:
>> 1. Must contain letters and numbers
>> 2. Must be at least 8 characters long
>> 3. Must contain one special character (#,@,$,%,!, etc)
>> 4. Password (not the account) must expire after 90 days
>> 5. Must warn users 10 days before the expire to change the password
>>
>
> Look at my chkpass type in contrib. There is a function to verify the
> password. It is just a placeholder now but you can modify it to do all
> your checking.
>
>
I assumed he was asking about Postgres level passwords rather than
passwords maintained by an application. chkpass is only for the latter.
( Slightly OT - chkpass uses crypt(). Maybe that should be upgraded to
use md5 or some more modern hashing function. )
cheers
andrew