One of the means of enhancing system security is to use passwords. HiRDB can set up a password for each user. However, if a simple password that can be easily guessed is used (for example, using the person's authorization identifier or birth date as the password), there is a heightened risk that an unauthorized user might be able to guess the password and infiltrate the system. To minimize the possibility of unauthorized use of passwords, we recommend that you use the connection security facility. The following table provides an overview of the connection security facility.

Table 25-1 Overview of the connection security facility

Functions	Explanation
Password character string restrictions	You can set up restrictions on the character strings used as passwords. For example, you can prohibit passwords such as AAAAA or zzzzz. Prohibiting simple passwords enhances password security.
Limit on the number of consecutive certification failures	When a user enters an invalid password, certification of that user fails and the user is not connected to HiRDB. If user certification fails more than a certain number of times in succession, HiRDB can be set to deny to that user the right to connect to HiRDB. For this purpose, a limit is set on the number of consecutive failures permitted to achieve user certification, and anytime a user exceeds the limit, the user is barred from connecting to HiRDB. For example, the limit could be set so that denial of connection rights to HiRDB will be implemented whenever a user enters an invalid password more than three times in a row.

Use of both of these functions makes unauthorized access based on guessing at a password more difficult, resulting in enhanced security.