User password complexity - how to check?
Sankarmn
Community Edition User ✭✭
- How do we check using vsql or any other way if a user has used the password requirements? like
- Not contain multiple identical consecutive characters
- Not contain account/user name
- Not be a common password
- Not contain dictionary word
- Not have been used in the last year
- Differ from the last password by at least 10 characters
- Must have at least 2 special characters ($ _ #)
- Must be 30 characters or more
- Are the user account passwords stored inside the database? which table? are they using hash value?
0
Answers
1) you can create profiles and attach users to those profiles. for more information, please visit the below link
https://www.vertica.com/docs/10.0.x/HTML/Content/Authoring/SQLReferenceManual/Statements/CREATEPROFILE.htm
https://www.vertica.com/docs/10.0.x/HTML/Content/Authoring/Security/ClientAuth/Profiles.htm
2) Yes user account passwords are stored in passwords table in encrypted format. it is stored as md5 hash string
select * from PASSWORDS;
Thanks for the links. I have gone through them. My question is, how do we check if a user has used say, PASSWORD_MIN_LENGTH and PASSWORD_MIN_SYMBOL when changing their password. Is there a way to check in VSQL using system tables?