Nonstop Database, HiRDB Version 9 System Operation Guide
The following table explains the restrictions that can be set for passwords.
Table 25-2 Restrictions that can be set for passwords
Item | Explanation |
---|---|
Specifiable minimum in bytes | You can specify a minimum number of bytes that must be used for a password. |
Prohibition on use of the authorization identifier | You can prohibit use of a person's authorization identifier in his or her password character string. |
Prohibition on use of only one type of characters# | You can prohibit the use of only one type of characters in a password, such as only upper-case letters or only lower-case letters. |
When password character string restrictions are first established, any user whose existing password does not conform to the restrictions is placed in what is called password-invalid account lock state. A user placed in this status can no longer connect to HiRDB.
To release a user from password-invalid account lock state, the user's password must be changed. For details about changing a password, see 25.4.1 Releasing individual users from password-invalid account lock state.
Before establishing password character string restrictions, you can determine how many users will be placed in password-invalid account lock state because of the restrictions. For details about determining the number of such users, see 25.5 Checking for users who will be placed in password-invalid account lock state.
GRANT DBA, GRANT AUDIT, or GRANT CONNECT is used to set a password for a new user. If that password violates a restriction, execution of the GRANT statement will not be successful.
You use CREATE CONNECTION SECURITY to set password character string restrictions. For details about the setting procedure, see 25.2 Setting password character string restrictions.
For details about password character string restrictions, see sections 25.2 through 25.8 and 25.12.
All Rights Reserved. Copyright (C) 2011, 2015, Hitachi, Ltd.