auth_delay
auth_delay
auth_delay : pause briefly before reporting authentication failure
Overview
| ID | Extension | Package | Version | Category | License | Language |
|---|---|---|---|---|---|---|
| 7970 | auth_delay
|
auth_delay
|
- |
SEC
|
PostgreSQL
|
C
|
| Attribute | Has Binary | Has Library | Need Load | Has DDL | Relocatable | Trusted |
|---|---|---|---|---|---|---|
--sL---
|
No
|
Yes
|
Yes
|
No
|
no
|
no
|
| Relationships | |
|---|---|
| See Also | pg_auth_mon
credcheck
login_hook
passwordcheck
passwordcheck_cracklib
pgaudit
set_user
pg_permissions
|
Packages
| PG18 | PG17 | PG16 | PG15 | PG14 |
|---|---|---|---|---|
-
|
-
|
-
|
-
|
-
|
This is a built-in contrib extension ship with the PostgreSQL kernel
Install
Config this extension to shared_preload_libraries:
shared_preload_libraries = 'auth_delay';This extension does not need CREATE EXTENSION DDL command
Usage
auth_delay pauses the server briefly before reporting authentication failures, making brute-force password attacks more difficult.
Configuration
Add to postgresql.conf:
shared_preload_libraries = 'auth_delay'
auth_delay.milliseconds = '500'Configuration Parameters
| Parameter | Default | Description |
|---|---|---|
auth_delay.milliseconds |
0 |
Milliseconds to wait before reporting auth failure |
Notes
- Must be loaded via
shared_preload_libraries - Does not prevent denial-of-service attacks (waiting processes still hold connection slots)
- No
CREATE EXTENSIONis required – this is a shared library module only
Last updated on