User password complexity - how to check?

Sankarmn

1. How do we check using vsql or any other way if a user has used the password requirements? like

• Not contain multiple identical consecutive characters
• Not contain account/user name
• Not be a common password
• Not contain dictionary word
• Not have been used in the last year
• Differ from the last password by at least 10 characters
• Must have at least 2 special characters ($ _ #)
• Must be 30 characters or more

2. Are the user account passwords stored inside the database? which table? are they using hash value?

SruthiA

1) you can create profiles and attach users to those profiles. for more information, please visit the below link
https://www.vertica.com/docs/10.0.x/HTML/Content/Authoring/SQLReferenceManual/Statements/CREATEPROFILE.htm
https://www.vertica.com/docs/10.0.x/HTML/Content/Authoring/Security/ClientAuth/Profiles.htm

2) Yes user account passwords are stored in passwords table in encrypted format. it is stored as md5 hash string
select * from PASSWORDS;

Sankarmn

Thanks for the links. I have gone through them. My question is, how do we check if a user has used say, PASSWORD_MIN_LENGTH and PASSWORD_MIN_SYMBOL when changing their password. Is there a way to check in VSQL using system tables?