What is a Password Profile?
Have you seen pop-up messages saying, "You are left with two more attempts" when you enter a wrong password? Also, have you seen a dialog box saying "Account locked due to too many failed logins"? Likewise, you might have also seen the alert to change your password because it is too old. And when you try to change your password, it won't allow you to change it to the previous one and wants a stronger password containing characters, digits, special characters, etc.
This kind of security is provided by most financial websites, and others as well, to protect your account from an unknown person trying to break into your account. And in most cases, this is done by the application layer, due to the lack of these features in the backend database these sites are using.
But with the features of EDB Postgres Advanced Server (EPAS) v9.5, your application can now simply push these responsibilities onto the database layer by creating a password profile and then associating that with the user.
Password profiles define rules for managing and reusing user passwords. With these profiles, a superuser can enforce some restrictions, like locking an account after a certain number of failed logins or can enforce certain constraints on creating a new password.
In this blog, I will illustrate various profiling parameters available in EPAS v9.5 and their use-cases. Like users and tablespaces, profiles are global objects too, which means they are shared across various databases within a single cluster.
Every #TechTuesday, EnterpriseDB shares a how-to post authored by a Postgres contributor and expert for Postgres Gems, the PostgresRocks community forum. PostgresRocks is a community to discuss all things Postgres. Join us at PostgresRocks and be part of the conversation.