Le 20/11/2021 à 14:48, Andrew Dunstan a écrit :
> On 11/19/21 19:17, Bossart, Nathan wrote:
>> On 11/19/21, 7:56 AM, "Tom Lane" wrote:
>>> That leads me to wonder about server-side solutions. It's easy
>>> enough for the server to see that it's used a password with an
>>> expiration N days away,
On 11/19/21 19:17, Bossart, Nathan wrote:
> On 11/19/21, 7:56 AM, "Tom Lane" wrote:
>> That leads me to wonder about server-side solutions. It's easy
>> enough for the server to see that it's used a password with an
>> expiration N days away, but how could that be reported to the
>> client? Th
On Sat, Nov 20, 2021 at 12:17:53AM +, Bossart, Nathan wrote:
> I bet it's possible to use the ClientAuthentication_hook for this. In
> any case, I agree that it probably belongs server-side so that other
> clients can benefit from this.
ClientAuthentication_hook is called before the user is i
On 11/19/21, 7:56 AM, "Tom Lane" wrote:
> That leads me to wonder about server-side solutions. It's easy
> enough for the server to see that it's used a password with an
> expiration N days away, but how could that be reported to the
> client? The only idea that comes to mind that doesn't seem l
Le 19/11/2021 à 16:55, Tom Lane a écrit :
Gilles Darold writes:
Now that the security policy is getting stronger, it is not uncommon to
create users with a password expiration date (VALID UNTIL).
TBH, I thought people were starting to realize that forced password
rotations are a net security n
Gilles Darold writes:
> Now that the security policy is getting stronger, it is not uncommon to
> create users with a password expiration date (VALID UNTIL).
TBH, I thought people were starting to realize that forced password
rotations are a net security negative. It's true that a lot of
places
On Fri, 19 Nov 2021 at 20:19, Gilles Darold wrote:
> Hi all,
>
>
> Now that the security policy is getting stronger, it is not uncommon to
> create users with a password expiration date (VALID UNTIL). The problem
> is that the user is only aware that his password has expired when he can no
> long