パスワードポリシー

DB

(8.0.21)
https://tokyo-engineer.com/mysql8-password-root/#i
https://dev.mysql.com/doc/refman/8.0/en/validate-password-options-variables.html

※デフォルトで有効

SHOW VARIABLES LIKE 'validate_password.%';

+--------------------------------------+--------+
| Variable_name | Value |
+--------------------------------------+--------+
| validate_password.check_user_name | ON |
| validate_password.dictionary_file | |
| validate_password.length | 8 |
| validate_password.mixed_case_count | 1 |
| validate_password.number_count | 1 |
| validate_password.policy | MEDIUM |
| validate_password.special_char_count | 1 |
+--------------------------------------+--------+

vim /etc/my.cnf

validate_password.length = 4
validate_password.policy = LOW
validate_password.check_user_name = OFF

systemctl restart mysqld

SHOW VARIABLES LIKE 'validate_password.%';

+--------------------------------------+-------+
| Variable_name | Value |
+--------------------------------------+-------+
| validate_password.check_user_name | OFF |
| validate_password.dictionary_file | |
| validate_password.length | 4 |
| validate_password.mixed_case_count | 1 |
| validate_password.number_count | 1 |
| validate_password.policy | LOW |
| validate_password.special_char_count | 1 |
+--------------------------------------+-------+

 

(12cR1)
https://blogs.oracle.com/sec/howto_010_password_profile

※デフォルトで無効

select * from dba_profiles where PROFILE = 'DEFAULT' and RESOURCE_TYPE = 'PASSWORD';

alter profile default limit FAILED_LOGIN_ATTEMPTS unlimited;
alter profile default limit PASSWORD_LIFE_TIME unlimited;
alter profile default limit PASSWORD_LOCK_TIME unlimited;
alter profile default limit PASSWORD_GRACE_TIME unlimited;

(11)
https://lets.postgresql.jp/node/159

※デフォルトで無効

-- passwordcheck

vim postgresql.conf

shared_preload_libraries = '$libdir/passwordcheck'

sudo systemctl restart postgresql-11

create user user1 with login encrypted password '1234567';
ERROR: password is too short

create user user1 with login encrypted password '12345678';
ERROR: password must contain both letters and nonletters

create user user1 with login encrypted password 'user1user1';
ERROR: password must not contain user name

 

(2019)
https://docs.microsoft.com/ja-jp/sql/relational-databases/security/password-policy?view=sql-server-ver15

※デフォルトで有効

use master
go

drop login user1;

create login user1 with password='1234567', check_policy=on
create login user1 with password='12345678', check_policy=on
create login user1 with password='user1user1', check_policy=on

パスワードの検証に失敗しました。このパスワードはオペレーティング システムのポリシーで指定された基準を満たすほど複雑ではありません。