Password policy flags

This page describes the database flags that AlloyDB for PostgreSQL uses to enforce a set of restrictions specific to their password policy. For a list of all database flags that AlloyDB supports, see Supported database flags.

password.enforce_password_does_not_contain_username

TypeBoolean
DefaultOFF
Instance restartsNo

If on, prohibits using a username as part of a password. This password policy is case sensitive, so if a username is Alex, then a password that contains alex is allowed.

password.enforce_expiration

TypeBoolean
DefaultOFF
Instance restartsNo

Manages a lifetime of a password.

password.enforce_complexity

TypeBoolean
DefaultOFF
Instance restartsNo

Enforces the password complexity policy when new passwords must meet the guidelines specified by other password flags.

password.expiration_in_days

TypeInteger
Default90
Valid values0 ... 10000
Instance restartsNo

Requires passwords to be changed within the specified number of days.

password.min_uppercase_letters

TypeInteger
Default0
Valid values0 ... 10000
Instance restartsNo

Sets the minimum number of uppercase letters for a password.

password.max_uppercase_letters

TypeInteger
Default10000
Valid values0 ... 10000
Instance restartsNo

Sets the maximum number of uppercase letters for a password.

password.min_lowercase_letters

TypeInteger
Default0
Valid values0 ... 10000
Instance restartsNo

Sets the minimum number of lowercase letters for a password.

password.max_lowercase_letters

TypeInteger
Default10000
Valid values0 ... 10000
Instance restartsNo

Sets the maximum number of lowercase letters for a password.

password.min_numerical_chars

TypeInteger
Default0
Valid values0 ... 10000
Instance restartsNo

Sets the minimum number of numerical characters for a password.

password.max_numerical_chars

TypeInteger
Default10000
Valid values0 ... 10000
Instance restartsNo

Sets the maximum number of numerical characters for a password.

password.min_special_chars

TypeInteger
Default0
Valid values0 ... 10000
Instance restartsNo

Sets the minimum number of special characters for a password.

password.max_special_chars

TypeInteger
Default10000
Valid values0 ... 10000
Instance restartsNo

Sets the maximum number of special characters for a password.

password.min_pass_length

TypeInteger
Default0
Valid values0 ... 10000
Instance restartsNo

Specifies the minimum number of characters allowed in a password.

password.max_pass_length

TypeInteger
Default10000
Valid values0 ... 10000
Instance restartsNo

Sets the maximum number of characters allowed in a password.

password.notify_expiration_in_days

TypeInteger
Default30
Valid values0 ... 10000
Instance restartsNo

Sets the number of days when a user starts receiving notifications that their password is about to expire.