On Fri, Mar 8, 2013 at 4:07 AM, Albe Laurenz <laurenz.a...@wien.gv.at>wrote:
> Victor Yegorov wrote: > > 2013/3/8 Albe Laurenz <laurenz.a...@wien.gv.at> > >> This way you can also force a certain password expiry date > >> (PostgreSQL does not have a password life time). > > > > What bout ALTER ROLE ... VALID UNTIL 'timestamp' ? > > That's the password expiry date. > > Oracle's concept is different: it sets a limit on the time > between password changes. > There is no such thing in PostgreSQL. BTW, your suggestion to use a function here is exactly what we do in LedgerSMB. Password expiration is forced to be now() + an interval specified in a configuration table. It would be nice to be able to do handling of failed login attempts but currently I don;t think that's possible from within PostgreSQL (i.e. without external auth).