On Tue, Sep 29, 2009 at 4:49 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
Josh Berkus <josh@agliodbs.com> writes: > Hmmm, that would be a useful, easy (I think) security feature: add a GUC > for failed_logins_allowed.
And the counts would be tracked and enforced where?
Combining this with other suggestion:
.) Provide a GUC failed_logins_allowed .) Add MAX FAILED LOGINS option to ADD/ALTER USER, which defaults to the GUC if not provided in the command. .) Track per-user failed attempt counts in shared catalog, and reset on a successful login.