1. Problems
How to set the password complexity of KingbaseES database users?
2. What is password complexity?
KingbaseES database password complexity refers to the minimum length of the password and the number of numbers, English letters and special symbols contained in the password.
After the database administrator sets the password complexity, KingbaseES database can automatically check the user password when creating and modifying users. If the password does not meet the specified conditions, the user creation / modification will not succeed.
3. Complexity management of KingbaseES user password
KingbaseES database manages the complexity of passwords through plug-ins. This method is more flexible. When the practical scenario of the database requires password complexity management, you can load the plug-in. When you do not need this function, you can uninstall the plug-in.
KingbaseES implements user password complexity management through {4 global level parameters and plug-ins.
3.1. Loading plug-ins
Kingbase es database through modifying Kingbase Shared in conf file_ preload_ Libraries parameter to load the plug-in:
shared_preload_libraries = 'passwordcheck'
After loading the plug-in, you need to restart the database and create the plug-in:
create extension passwordcheck; CREATE EXTENSION
3.2. Configure password complexity parameters
3.2. 1. Turn on the password complexity switch
The complexity switch passes the parameter passwordcheck Enable configuration. It is off by default.
Displays the status of the current database password complexity switch:
show passwordcheck.enable; passwordcheck.enable ---------------------- off (1 Row record)
Turn on the password complexity switch:
alter system set passwordcheck.enable=on; ALTER SYSTEM
Reread kingbase.com Conf file:
select sys_reload_conf(); sys_reload_conf ----------------- t (1 Row record)
Displays the status of the current database password complexity switch:
show passwordcheck.enable; passwordcheck.enable ---------------------- on (1 Row record)
3.2. 2. Set the length of the password
The length of KingbaseES user password is through passwordcheck password_ The length parameter is configured. The value range is [8, 63], and the default value is {8.
Displays the length of the current password:
SHOW passwordcheck.password_length; passwordcheck.password_length ------------------------------- 8 (1 row)
Set the length of the user password to 10:
SET passwordcheck.password_length = 10;
Displays the length of the current password:
SHOW passwordcheck.password_length; passwordcheck.password_length ------------------------------- 10 (1 row)
3.2. 3. Set the number of letters in the password
The number of letters in KingbaseES user password is determined by the parameter passwordcheck password_ condition_ For letter configuration, the value range is [2, 61], and the default value is 2.
Displays the number of letters in the current password:
SHOW passwordcheck.password_condition_letter; passwordcheck.password_condition_letter ----------------------------------------- 2 (1 row)
Set user password with 3 letters:
SET passwordcheck.password_condition_letter = 3;
Displays the number of letters in the current password:
SHOW passwordcheck.password_condition_letter; passwordcheck.password_condition_letter ----------------------------------------- 3 (1 row)
3.2. 4. Set the number of numbers in the password
The number of digits in KingbaseES user password is determined by the parameter passwordcheck password_ condition_ For digital configuration, the value range is [2, 61], and the default value is [2, 61].
Displays the number of digits in the current password:
SHOW passwordcheck.password_condition_digit; passwordcheck.password_condition_digit ---------------------------------------- 2 (1 row)
Set user password with 3 numbers:
SET passwordcheck.password_condition_digit = 3;
Displays the number of digits in the current password:
SHOW passwordcheck.password_condition_digit; passwordcheck.password_condition_digit ---------------------------------------- 3 (1 row)
3.2. 5. Set the number of special characters in the password
The number of special characters in KingbaseES user password is determined by the parameter passwordcheck password_ condition_ Punct configuration, the value range is [0, 59], and the default value is 0. Special symbols are all visible characters except white space, English letters, single quotation marks and numbers.
Displays the number of special characters in the current password:
SHOW passwordcheck.password_condition_punct; passwordcheck.password_condition_punct ---------------------------------------- 0 (1 row)
Set 2 special characters in user password:
SET passwordcheck.password_condition_punct = 2;
Displays the number of special characters in the current password:
SHOW passwordcheck.password_condition_punct; passwordcheck.password_condition_punct ---------------------------------------- 2 (1 row)
3.3. Uninstall plug-in
When the user password complexity management function is not required, the user can modify the} Kingbase Conf shared in conf file_ preload_ Libraries parameter, uninstall the plug-in:
shared_preload_libraries = ''
When uninstalling the plug-in, it will take effect after restarting the database.