Archives of the TeradataForum
Message Posted: Tue, 06 Jun 2000 @ 21:56:29 GMT
This is an extract from the security admin guide, as you can see there are many ways of adjusting the logon security.
Several password control features enhance Teradata security as follows:
Password Expiration Allows the security administrator to define a time span during which a password is valid. After the time elapses, the user must change the password. Password Reuse This feature, which complements the password expiration feature, allows the security administrator to define the time span that must elapse before a previously used password can be reassigned to a user. Maximum Logon Attempt Defines the number of erroneous sequential logon attempts a user is allowed before the user is locked to further logon attempts. Password Lockout Time Sets the user lock time duration after the user has exceeded the maximum number of logon attempts. Miscellaneous Password Features Allow the security administrator to restrict the number of characters in the password, and to control the use of digits and special characters.
The security administrator sets up the password features for a Teradata RDBMS by updating columns of a single row in user DBC table DBC.SysSecDefaults. The single row in the table is read by the Teradata RDBMS at system startup. The software uses the values in the columns to determine whether the option has been selected.
Note: The system must be restarted to read the DBC.SysSecDefaults table and to make changed values operational.
The rules selected apply to all users attempting to log on to the Teradata RDBMS, regardless of the logical client system from which the logon is received. The only override to the rules is the null password option, which allows a user to log on without a password and bypass all rules pertaining to user authentication.
A Teradata SQL description of the DBC.SysSecDefaults table is as follows:
CREATE TABLE DBC.SysSecDefaults, FALLBACK
User DBC has update and select access rights on the table. The default values in the row (which are initialized by the dictionary initialization and conversion utilities) are as follows:
INSERT INTO DBC.SysSecDefaults
User DBC can use a simple update statement to change a default value. The option then becomes effective after the system is restarted. The following example shows the UPDATE statement to set the minimum number of password characters to eight:
UPDATE DBC.SysSecDefaults SET PasswordMinChar = 8 ;
|Copyright 2016 - All Rights Reserved
|Last Modified: 15 Jun 2023