auth_delay
auth_delay
auth_delay : pause briefly before reporting authentication failure
Overview
| ID | Extension | Package | Version | Category | License | Language |
|---|---|---|---|---|---|---|
| 7970 | auth_delay | auth_delay | - | SEC | PostgreSQL | C |
| Attribute | Has Binary | Has Library | Need Load | Has DDL | Relocatable | Trusted |
|---|---|---|---|---|---|---|
--sL--- | No | Yes | Yes | No | no | no |
| Relationships | |
|---|---|
| See Also | pg_auth_mon credcheck login_hook passwordcheck passwordcheck_cracklib pgaudit set_user pg_permissions |
Packages
| PG18 | PG17 | PG16 | PG15 | PG14 |
|---|---|---|---|---|
- | - | - | - | - |
This is a built-in contrib extension ship with the PostgreSQL kernel
Install
Config this extension to shared_preload_libraries:
shared_preload_libraries = 'auth_delay';This extension does not need CREATE EXTENSION DDL command
Usage
auth_delay pauses the server briefly before reporting authentication failures, making brute-force password attacks more difficult.
Configuration
Add to postgresql.conf:
shared_preload_libraries = 'auth_delay'
auth_delay.milliseconds = '500'Configuration Parameters
| Parameter | Default | Description |
|---|---|---|
auth_delay.milliseconds | 0 | Milliseconds to wait before reporting auth failure |
Notes
- Must be loaded via
shared_preload_libraries - Does not prevent denial-of-service attacks (waiting processes still hold connection slots)
- No
CREATE EXTENSIONis required – this is a shared library module only
Last updated on