tags:

views:

34

answers:

1
Q: 

Postgres Rule to invalidate user passwords every 60 days

Hi all, I am having some trouble invalidating user passwords every 60 days on my postgres database:

CREATE RULE user_expiration AS ON UPDATE TO users DO INSTEAD UPDATE user SET user_expires = user_expires + '60'

This will work every time the user changes their password, however it also works every time any update is issued on the records. How can I ensure that it only updates on the change password event?

+1  A: 

A trigger is a better solution. As of version 9.0 it has per column triggers, triggers that only fire when a certain column has been changed. In older versions you have to do the check inside the function, compare OLD.password and NEW.password before you deside to update the user_expires column.

Frank Heikens  2010-09-28 16:22:28
I guess I should also ask how can we enforce that the password changes?
Woot4Moo  2010-09-28 16:25:10
If you want to enforce a new password, if OLD.password = NEW.password then RAISE EXCEPTION in your trigger function.
Frank Heikens  2010-09-28 16:47:29
thanks 15 chars
Woot4Moo  2010-09-28 16:49:10

related questions

What are some good security questions?
What's a good alternative to security questions?
Protect embedded password
How do you generate passwords?
Should I impose a maximum length on passwords?
How best to generate a random string in Ruby
What is the best way to check the strength of a password?
In a client-server application: How to send to the DB the user's application password?
How does your company manage credentials?
Replacing plain text password for app
How to implement password protection for individual files?
Password generation, best practice
Unique key generation
Generating Random Passwords
Oracle lost sysdba password
How does one decrypt a PDF with an owner password, but no user password?
Storing Windows passwords.
How do I avoid having the database password stored in plaintext in sourcecode?
How do I write Firefox add-on that automatically enters proxy passwords?
How to store passwords in Winforms application?
Two-way password encryption without ssl
Disable browser 'Save Password' functionality
Simple password encryption
Best way to store a database password in a startup script / config file?
Encrypting Passwords