
Enforcing Password complexity for user logins - how to check?

Sankarmn Community Edition User ✭✭

How can we verify if a user is changing the password like,
1. are they putting in 12 to 20 characters
2. Not a dictionary word
3. using special characters
4. not to use the previous 6 passwords
5. not to use username
6. avoid multiple identical consecutive characters
Is there a password complexity function to verify against a user password?


Answers

  • mosheg Vertica Employee Administrator

    To control password requirements for users use a PASSWORD PROFILE described here:
    https://www.vertica.com/docs/10.0.x/HTML/Content/Authoring/SQLReferenceManual/Statements/CREATEPROFILE.htm
    And a CREATE USER statement described here:
    https://www.vertica.com/docs/10.0.x/HTML/Content/Authoring/SQLReferenceManual/Statements/CREATEUSER.htm
    For example:

    CREATE PROFILE QA_PROFILE_01 LIMIT
    PASSWORD_REUSE_MAX 6
    PASSWORD_MIN_LENGTH 12
    PASSWORD_MAX_LENGTH 20
    PASSWORD_MIN_SYMBOLS 1
    PASSWORD_MIN_DIGITS 1
    PASSWORD_MIN_UPPERCASE_LETTERS 1
    PASSWORD_MIN_LOWERCASE_LETTERS 1;
    CREATE PROFILE
    
    CREATE USER FRED1 PROFILE QA_PROFILE_01 IDENTIFIED BY '12345678901234567890';
    vsql:1_create_user.sql:1: ROLLBACK 4923:  That password is not acceptable
    DETAIL:  The password must have at least 1 non-alphanumeric characters
    
    CREATE USER FRED1 PROFILE QA_PROFILE_01 IDENTIFIED BY 'T234567890';
    vsql:1_create_user.sql:2: ROLLBACK 4923:  That password is not acceptable
    DETAIL:  The password is too short
    HINT:  Minimum password length is 12 characters
    
    CREATE USER FRED1 PROFILE QA_PROFILE_01 IDENTIFIED BY 'TooGood2BeTrue';
    vsql:1_create_user.sql:3: ROLLBACK 4923:  That password is not acceptable
    DETAIL:  The password must have at least 1 non-alphanumeric characters
    
    CREATE USER FRED1 PROFILE QA_PROFILE_01 IDENTIFIED BY 'TooGood2BeTrue%';
    CREATE USER
    
  • Sankarmn Community Edition User ✭✭

    @mosheg, thanks for the links. Since the DBA sets them, I don't have clarity on what's set. In that case, how do I cross-check which profile options have been used?

    Also, I am looking for the below options to set in the profile. Is this functionality available?
    1. Not contain multiple identical consecutive characters
    2. Not contain user name as password
    3. Not be a common password like 'password1234'
    4. Not contain dictionary word
    5. Not have been used in the last year
    6. Differ from the last password by at least 12 characters

    TIA

  • Sankarmn Community Edition User ✭✭

    How to view the set profile options through vsql?
    Can the above 6 options be set in profile?
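
An added example, not part of the thread and not Vertica code: a client-side pre-check in Python that applies the length and character-class limits of QA_PROFILE_01 from the answer above, plus the username, repeated-character and common-password rules asked about in the question. The function name, the `max_run` threshold and the deny-list contents are assumptions made for illustration; password history is left to the profile's PASSWORD_REUSE_MAX.

```python
import re

# Limits copied from QA_PROFILE_01 in the answer above.
PROFILE = {"min_length": 12, "max_length": 20, "min_symbols": 1,
           "min_digits": 1, "min_upper": 1, "min_lower": 1}

# Constructed sample deny-list; a real deployment would load a larger one.
COMMON_PASSWORDS = {"password1234", "qwerty123456", "letmein12345"}


def check_password(password, username, max_run=2, common=COMMON_PASSWORDS):
    """Return a list of rule violations; an empty list means the password passes."""
    problems = []
    if len(password) < PROFILE["min_length"]:
        problems.append("too short")
    if len(password) > PROFILE["max_length"]:
        problems.append("too long")
    # Count character classes; anything non-alphanumeric counts as a symbol.
    counts = {
        "min_symbols": sum(1 for c in password if not c.isalnum()),
        "min_digits": sum(1 for c in password if c.isdigit()),
        "min_upper": sum(1 for c in password if c.isupper()),
        "min_lower": sum(1 for c in password if c.islower()),
    }
    for rule, seen in counts.items():
        if seen < PROFILE[rule]:
            problems.append(rule)
    # Rules from the question, checked client-side (assumed policy values).
    if username and username.lower() in password.lower():
        problems.append("contains username")
    # Reject any character repeated more than max_run times in a row.
    if re.search(r"(.)\1{%d,}" % max_run, password):
        problems.append("repeated characters")
    if password.lower() in common:
        problems.append("common password")
    return problems


if __name__ == "__main__":
    # The four passwords tried in the answer above, for user FRED1.
    for pw in ("12345678901234567890", "T234567890",
               "TooGood2BeTrue", "TooGood2BeTrue%"):
        print(pw, "->", check_password(pw, "FRED1") or "accepted")
```

With `max_run=1` the password accepted in the answer, 'TooGood2BeTrue%', is rejected because of the doubled "oo", so the threshold has to be agreed before a rule like "no identical consecutive characters" is enforced.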
