英文:
How can I set default password expiration policy for postgresSQL server?
问题
我正在运行一个Aurora postgres DB服务器,我想设置密码过期策略,以便用户可以更改密码,并且在1个月后会过期。
我知道我可以创建一个带有密码过期日期的用户,示例如下。
DO
$do$
BEGIN
EXECUTE format($$CREATE USER myuser WITH PASSWORD 'password12345678' VALID UNTIL %L$$, NOW() + interval '1 month');
END
$do$;
但是,我不想强制用户自行输入“VALID UNTIL”,因为我不想将这样的控制权交给用户。我希望确保用户可以更改密码,但他们应该在固定的时间内更改。
作为管理员,我只会创建一个数据库用户一次。之后,每个用户都使用数据库用户,但他们会在特定的时间段后更改密码。
简而言之,我正在寻找Postgres中可以扮演与MySQL的“default_password_lifetime”相同角色的东西。这是可能的吗?我该如何实现这一目标?
英文:
I'm running a Aurora postgres DB server, and I want to set the password expiration policy so that an user can change his password and it will be expired after 1 month.
I know that I can create an user with password expiration date such as below.
DO
$do$
BEGIN
EXECUTE format($$CREATE USER myuser WITH PASSWORD 'password12345678' VALID UNTIL %L$$, NOW() + interval '1 month');
END
$do$;
However, I don't want to force my users to input VALID UNTIL
by themselves, because I don't want to give such controls to my user. I want to guarantee that my users can change password but they should change within a fixed duration.
As an admin, I will create a db user only once. After that, each user uses the db user but they change their passwords whenever a certain period of time passes.
In short, I'm looking for something in postgres that can play the same role as mysql's default_password_lifetime
.
Is it possible? How can I achieve this??
答案1
得分: 1
在PostgreSQL中无法设置密码的生命周期,也无法强制密码复杂性规则。如果您需要这些功能,请使用不在数据库中使用密码的身份验证方法,而是使用一种可以强制执行您的要求的中央身份管理解决方案。
英文:
There is no way to set a password life time in PostgreSQL. Also, you cannot enforce password complexity rules. If you need any of that, use an authentication method that does not use passwords in the database, but some central identity management solution that can enforce your requirements.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论