syst_disallowed_passwords


Description

A list of hashed passwords which are disallowed for use in the system when the password rule to disallow common/known compromised passwords is enabled. Currently the expectation is that common passwords will be stored as sha1 hashes.

User Defined Record Supported Operations

  • INSERT
  • SELECT
  • DELETE

Columns

Column Type Size Nulls Auto Default Children Parents Comments
password_hash bytea 2147483647 null

The SHA1 hash of the disallowed password. The reason for using SHA1 here is that it is compatible with the “Have I Been Pwned” data and API products. We also get some reasonable obscuring of possibly private data.

Data Requirements

  • Required?: true
  • Unique Values Required?: true
  • Default Value: ( No Default Value )

User Defined Record Supported Operations

  • INSERT
  • SELECT

Supplemental Notes

Attempting to INSERT a duplicate disallowed password using this API View will simply result in the inserted record being silently ignored in favor of the existing record.

Relationships

Close relationships within degrees of separation

View Definition

Possibly Referenced Tables/Views