Re: BUG #16522: No anti-violent cracking mechanism
On Wed, Jul 1, 2020 at 12:07 PM PG Bug reporting form <[hidden email]> wrote:
The following bug has been logged on the website:
Bug reference: 16522
Logged by: yi Ding
Email address: [hidden email]
PostgreSQL version: 10.13
Operating system: linux
Pg database is not locked after password verification fails several times.
Correct, there is no such feature built-in, so there is no bug in something that does not work.
If you want this feature you can integrate PostgreSQL with numerous external authentication methods such as gssapi, ldap, radius or pam, all of which can provide such functionality if set up right. You can also use fail2ban or some simple log-tailing script that implements it.