Google Ireland Ltd.,Gordon House, Barrow Street, Dublin 4, Ireland Registered in Dublin, Ireland Registration Number: 368047
On Fri, Feb 3, 2017 at 3:55 PM, PAWAN SHARMA <er.pawanshr0...@gmail.com> wrote: > > On Fri, Feb 3, 2017 at 9:11 PM, Adam Brusselback < > adambrusselb...@gmail.com> wrote: > >> Whoops, accidentally sent this to only Pawan instead of the list: >>> >>> >> Hey there, so I would highly suggest you avoid arbitrary password >> strength policies like that. I wrote a library for my company which we use >> for password strength estimation, but it is written in Java. I've been >> thinking about how to port it to pl/pgsql so it could easily be packaged as >> an extension and used natively in Postgres, but I just haven't had time to >> get around to that yet. Here it is for reference: https://github.com/ >> GoSimpleLLC/nbvcxz >> >> If you're actually interested in having an extension which works like the >> above, and want to work on porting it, i'd be more than happy to jump in >> and help out where I can. I just don't have the free cycles to do it my >> self at the moment. >> >> Now on to your original question...Why wouldn't it be possible to create >> a trigger on your users table to check the password being inserted, raise >> an error if it does not meet your requirement, or hash it if it does and >> continue the insert? Seems pretty straight forward other than the >> complexity of actually estimating how secure a password is. >> > > > Thanks Adam, but here the requirement to enforce password polices while > creating to the users. > > create user abc with password 'Password'; > > where it will test that the password entered should be according to the > company standard, while creation of users. > So please suggest. > Consider using PAM authentication where you can insert any of already existing password strength checks. Or, maybe, LDAP auth where stuff will be enforced by LDAP server. -- Vladimir Rusinov Storage SRE, Google Ireland
smime.p7s
Description: S/MIME Cryptographic Signature
