We recently encountered a limitation with password generation during our implementation process. While using TimescaleDB version 1.11.0 and Terraform 1.7 (we are now on version 1.12.0 and Terraform 1.9.8), we created a new timescale_service, and passwords were automatically generated for it.
However, upon review, we found that these passwords:
Are 16 characters long and simple in structure.
Have an estimated 48 bits of entropy, which do not meet modern security requirements.
To enhance user security, we kindly request the following improvements:
1. Generate Stronger Passwords by Default:
Automatically generate passwords with at least 128 bits of entropy. This would significantly improve resistance to brute-force attacks and align with best practices for modern cryptographic security.
2. Enable Password Rotation:
Allow users to rotate passwords seamlessly for existing timescale_service instances. This feature would benefit all users by enabling them to improve password security without disrupting operations.
Benefits
Improved Security: Higher entropy passwords reduce vulnerability to brute-force attacks.
Hello @ann8ty. The version of the provider that you are running allows you to control the password of your service from the Terraform configuration. The issue that you linked contains the commit that enabled that feature for the provider. You are free to enforce any password policy that works for you.
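To make the 48-bit and 128-bit figures in this thread concrete, here is an added example (not code from the issue or from the Timescale provider) that computes the length a uniformly generated password needs for a target entropy and draws one from the OS CSPRNG. The 62-symbol alphabet and all function names are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Assumption: letters and digits only (62 symbols), which avoids characters
# that need escaping in connection strings.
ALPHABET = string.ascii_letters + string.digits


def bits_per_symbol(alphabet: str) -> float:
    """Entropy of one symbol drawn uniformly from the alphabet."""
    size = len(set(alphabet))
    if size < 2:
        raise ValueError("alphabet needs at least two distinct symbols")
    return math.log2(size)


def min_length(target_bits: int, alphabet: str = ALPHABET) -> int:
    """Shortest length whose uniform-random entropy reaches target_bits."""
    return math.ceil(target_bits / bits_per_symbol(alphabet))


def generated_entropy(length: int, alphabet: str = ALPHABET) -> float:
    """Entropy in bits of a machine-generated password of this length.
    Only valid when every symbol is drawn independently and uniformly."""
    return length * bits_per_symbol(alphabet)


def implied_alphabet_size(bits: float, length: int) -> float:
    """Number of equally likely symbols per position that an entropy
    estimate corresponds to, e.g. the issue's 48 bits over 16 characters."""
    return 2 ** (bits / length)


def generate_password(target_bits: int = 128, alphabet: str = ALPHABET) -> str:
    """Draw a password from the OS CSPRNG with at least target_bits of entropy."""
    symbols = sorted(set(alphabet))  # duplicates would skew the distribution
    length = min_length(target_bits, alphabet)
    return "".join(secrets.choice(symbols) for _ in range(length))


if __name__ == "__main__":
    print("implied symbols per position:", implied_alphabet_size(48, 16))
    print("length needed for 128 bits:", min_length(128))
    pw = generate_password()
    print(f"{len(pw)} chars, {generated_entropy(len(pw)):.1f} bits")
```

The entropy figure applies only to passwords produced this way; it says nothing about a human-chosen string of the same length.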
Related Issue: #210