In today’s article, we will learn how to determine your password policy in the parameters determined by Postgresqlcheck on Postgresql13.
When accessing the database, we may sometimes want to make our passwords short and not in compliance with password policies, but there are some packages in Postgresql databases to enforce this.
One of these is the postgresqlcheck package.
First we need to install the postgresql13-contrib package.
1 | yum install postgresql13-contrib |
After downloading PostgreSQL’s contrib package, we go to the postgresql contrib directory as follows.
1 | cd /usr/pgsql-13/share/contrib |
After going to the directory, we download the postgresqlcheck package and other packages with the following command.
1 | git clone https://github.com/michaelpq/pg_plugins/ |
After the file is downloaded, we enter the passwordcheck_extra directory in pg_plugins.
1 | cd pg_plugins/passwordcheck_extra |
After entering the passwordcheck_extra directory, we run the following command to ensure that the passwordcheck_extra package is installed in Postgresql.
1 | PATH=/usr/pgsql-13/bin:$PATH make install |
We change the shared_preload_libraries parameter in Postgresql.conf as follows.
1 | shared_preload_libraries = 'passwordcheck_extra' |
We are restarting our service because this process requires a restart in PostgreSQL.
1 | systemctl restart postgresql-13 |
After the service is restarted, we connect to Postgresql and run the load command below.
1 | LOAD 'passwordcheck_extra'; |
After running the above command, we determine our password policy via Postgresql as follows.
1 2 3 4 5 | SET passwordcheck_extra.restrict_lower = false; SET passwordcheck_extra.restrict_upper = false; SET passwordcheck_extra.restrict_special = false; SET passwordcheck_extra.minimum_length = 6; SET passwordcheck_extra.maximum_length = 18; |
In the password above, we specify the parameters that it must be uppercase and lowercase letters, must contain a minimum of 6 characters, must be a maximum of 18 characters long and must use special characters.
1 | create user passwrdpoltikadeneme password 'farukerdem'; |
As seen above, it gave us an error message because we did not create it according to the rules we specified.