If you register a new user as the auditor, that user's authorization identifier is used as the password immediately after registration. If you register an existing user as the auditor and no password is set for that user, that user's authorization identifier is also used as the password immediately after registration. In either case, use the GRANT statement to change the password.