syst_global_password_rules


Description

Establishes a minimum standard for password credential complexity globally. Individual Owners may define more restrictive complexity requirements for their own accounts and instances, but may not weaken those defined globally.

System Defined Record Supported Operations

  • SELECT
  • UPDATE - See column comments for applicable restrictions.

Columns

Column Type Size Nulls Auto Default Children Parents Comments
id uuid 2147483647 null

The record’s primary key. The definitive identifier of the record in the system.

General Usage

This column is system maintained and should be considered read only in normal operations.

Data Requirements

  • Required?: false
  • Unique Values Required?: true
  • Default Value: Automatically Generated

System Defined Record Supported Operations

  • SELECT
password_length int4range 2147483647 null

An integer range of acceptable password lengths with the lower bound representing the minimum length and the upper bound representing the maximum password length.

General Usage

A zero or negative value on either bound indicates that the bound check is disabled. Note that disabling a bound may still result in a bounds check using the application defined default for the bound.

Length is determined on a per character basis, not a per byte basis.

Data Requirements

  • Required?: true
  • Unique Values Required?: false
  • Default Value: ( No Default Value )

System Defined Record Supported Operations

  • SELECT
  • UPDATE - Always updatable, even when not otherwise user maintainable.
max_age interval 49,6 null

An interval indicating the maximum allowed age of a password. Any password older than this interval will typically result in the user being forced to update their password prior to being allowed access to other functionality. The specific user workflow will depend on the implementation details of application.

General Usage

An interval of 0 time disables the check and passwords may be of any age.

Data Requirements

  • Required?: true
  • Unique Values Required?: false
  • Default Value: ( No Default Value )

System Defined Record Supported Operations

  • SELECT
  • UPDATE - Always updatable, even when not otherwise user maintainable.
require_upper_case int4 10 null

Establishes the minimum number of upper case characters that are required to be present in the password.

General Usage

Setting this value to 0 disables the requirement for upper case characters.

Data Requirements

  • Required?: true
  • Unique Values Required?: false
  • Default Value: ( No Default Value )

System Defined Record Supported Operations

  • SELECT
  • UPDATE - Always updatable, even when not otherwise user maintainable.
require_lower_case int4 10 null

Setting this value to 0 disables the requirement for lower case characters.

Data Requirements

  • Required?: true
  • Unique Values Required?: false
  • Default Value: ( No Default Value )

System Defined Record Supported Operations

  • SELECT
  • UPDATE - Always updatable, even when not otherwise user maintainable.
require_numbers int4 10 null

Establishes the minimum number of numeric characters that are required to be present in the password.

General Usage

Setting this value to 0 disables the requirement for numeric characters.

Data Requirements

  • Required?: true
  • Unique Values Required?: false
  • Default Value: ( No Default Value )

System Defined Record Supported Operations

  • SELECT
  • UPDATE - Always updatable, even when not otherwise user maintainable.
require_symbols int4 10 null

Establishes the minimum number of non-alphanumeric characters that are required to be present in the password.

General Usage

Setting this value to 0 disables the requirement for non-alphanumeric characters.

Data Requirements

  • Required?: true
  • Unique Values Required?: false
  • Default Value: ( No Default Value )

System Defined Record Supported Operations

  • SELECT
  • UPDATE - Always updatable, even when not otherwise user maintainable.
disallow_recently_used int4 10 null

When passwords are changed, this value determines how many prior passwords should be checked in order to prevent password re-use.

General Usage

Setting this value to zero or a negative number will disable the recently used password check.

Data Requirements

  • Required?: true
  • Unique Values Required?: false
  • Default Value: ( No Default Value )

System Defined Record Supported Operations

  • SELECT
  • UPDATE - Always updatable, even when not otherwise user maintainable.
disallow_compromised bool 1 null

When true new passwords submitted through the change password process will be checked against a list of common passwords and passwords known to have been compromised and disallow their use as password credentials in the system.

General Usage

When false submitted passwords are not checked as being common or against known compromised passwords; such passwords would therefore be usable in the system.

Data Requirements

  • Required?: true
  • Unique Values Required?: false
  • Default Value: ( No Default Value )

System Defined Record Supported Operations

  • SELECT
  • UPDATE - Always updatable, even when not otherwise user maintainable.
require_mfa bool 1 null

When true, an approved multi-factor authentication method must be used in addition to the password credential.

Data Requirements

  • Required?: true
  • Unique Values Required?: false
  • Default Value: ( No Default Value )

System Defined Record Supported Operations

  • SELECT
  • UPDATE - Always updatable, even when not otherwise user maintainable.
allowed_mfa_types _text 2147483647 null

A array of the approved multi-factor authentication methods.

Data Requirements

  • Required?: true
  • Unique Values Required?: false
  • Default Value: ( No Default Value )

System Defined Record Supported Operations

  • SELECT
  • UPDATE - Always updatable, even when not otherwise user maintainable.
diag_timestamp_created timestamptz 35,6 null

The database server date/time when the transaction which created the record started.

General Usage

This column is system maintained and should be considered read only in normal operations.

Data Requirements

  • Required?: false
  • Unique Values Required?: false
  • Default Value: Automatically Generated

System Defined Record Supported Operations

  • SELECT
diag_role_created text 2147483647 null

The database role which created the record.

General Usage

This column is system maintained and should be considered read only in normal operations.

Data Requirements

  • Required?: false
  • Unique Values Required?: false
  • Default Value: Automatically Generated

System Defined Record Supported Operations

  • SELECT
diag_timestamp_modified timestamptz 35,6 null

The database server date/time when the transaction which modified the record started. This field will be the same as diag_timestamp_created for inserted records.

General Usage

This column is system maintained and should be considered read only in normal operations.

Data Requirements

  • Required?: false
  • Unique Values Required?: false
  • Default Value: Automatically Generated

System Defined Record Supported Operations

  • SELECT
diag_wallclock_modified timestamptz 35,6 null

The database server date/time at the moment the record was actually modified. For long running transactions this time may be significantly later than the value of diag_timestamp_modified.

General Usage

This column is system maintained and should be considered read only in normal operations.

Data Requirements

  • Required?: false
  • Unique Values Required?: false
  • Default Value: Automatically Generated

System Defined Record Supported Operations

  • SELECT
diag_role_modified text 2147483647 null

The database role which modified the record.

General Usage

This column is system maintained and should be considered read only in normal operations.

Data Requirements

  • Required?: false
  • Unique Values Required?: false
  • Default Value: Automatically Generated

System Defined Record Supported Operations

  • SELECT
diag_row_version int8 19 null

The current version of the row. The value here indicates how many actual data changes have been made to the row. If an update of the row leaves all data fields the same, disregarding the updates to the diag_* columns, the row version is not updated, nor are any updates made to the other diag_* columns other than diag_update_count.

General Usage

This column is system maintained and should be considered read only in normal operations.

Data Requirements

  • Required?: false
  • Unique Values Required?: false
  • Default Value: Automatically Generated

System Defined Record Supported Operations

  • SELECT
diag_update_count int8 19 null

Records the number of times the record has been updated regardless as to if the update actually changed any data. In this way needless or redundant record updates can be found. This row starts at 0 and therefore may be the same as the diag_row_version - 1.

General Usage

This column is system maintained and should be considered read only in normal operations.

Data Requirements

  • Required?: false
  • Unique Values Required?: false
  • Default Value: Automatically Generated

System Defined Record Supported Operations

  • SELECT

Relationships

Close relationships within degrees of separation

View Definition

Possibly Referenced Tables/Views