On Tue, Sep 29, 2009 at 4:49 AM, Tom Lane <[email protected]> wrote:
> Josh Berkus <[email protected]> writes: > > Hmmm, that would be a useful, easy (I think) security feature: add a GUC > > for failed_logins_allowed. > > And the counts would be tracked and enforced where? > > Combining this with other suggestion: .) Provide a GUC failed_logins_allowed .) Add MAX FAILED LOGINS option to ADD/ALTER USER, which defaults to the GUC if not provided in the command. .) Track per-user failed attempt counts in shared catalog, and reset on a successful login. Best regards, -- Lets call it Postgres EnterpriseDB http://www.enterprisedb.com gurjeet[[email protected] singh.gurj...@{ gmail | hotmail | indiatimes | yahoo }.com Twitter: singh_gurjeet Skype: singh_gurjeet Mail sent from my BlackLaptop device
