On Fri, 2025-09-19 at 08:32 +0000, Subramanian,Ramachandran wrote:
> Absolute novice in Postgresql, coming from the Mainframe world. Kindly forgive my ignorance.
>
> Is it possible to LOCK or DEACTIVATE or EXPIRE a USER ( ROLE with LOGIN ) after
>
> 1. A set period of inactivity
> 2. 5 Wrong password attempts
>
> I searched through the manals and did not find any mention of such a facility.
PostgreSQL doesn't offer support for these functionalities.
It also does not allow you to enforce password complexity rules.
> If it is not possible at the database level, can this be implemented in any other way?
The way to do that is to authenticat database users using a central identity
management system like Kerberos. See the documentation for a list of supported
authentication methods:
https://www.postgresql.org/docs/current/client-authentication.html
Yours,
Laurenz Albe
