SQL commands to set security policies for standard passwords such as username length and password length

User security policy values can be set using either the Web Console or SQL commands.

Username Policies

Policy Name Description Potential Values Example
userid_numeric_length_minimum The minimum number of numeric characters required in a username. If this policy is disabled, there is no minimum number of numeric characters 0-100  
userid_character_length_minimum The minimum number of character types (lowercase, uppercase, punctuation, and numeral) which must be included in a username. 0-100 Set to demand two of four types: userid_character_length_minimum=’2’

Password Policies

Administrators can specify the user security policies for Database user passwords. The values listed here are configurable per installation:

Policy Name Description Potential Values
failed_attempts_limit The number of consecutive failed login attempts before a user account is placed into a locked state. 0-100
password_history_lockout The number of recent passwords which the user cannot use when specifying a new password. For example, if this value is set to ‘2’, then the user cannot re-use their previous 2 passwords. 0-100
password_length_minimum The minimum number of characters for a user password. This value must be less than or equal to password_length_maximum, or disabled by specifying “0”. If this policy is disabled, the minimum password length default to the Cirro minimum length 0-100
password_length_maximum The maximum number of characters for a user password. This value must be greater than or equal to password_length_minimum, or disabled by specifying “0”. If this policy is disabled, the maximum password length defaults to the Cirro maximum length. 0-100
password_lower_case_minimum The minimum number of lowercase letters required in a user password. If this policy is disabled, no lowercase letters will be required. 0-100
password_upper_case_minimum The minimum number of uppercase letters required in a user password. If this policy is disabled, no uppercase letters will be required. 0-100
password_punctuation_minimum The minimum number of special characters required in a user password. If this policy is disabled, no special characters will be required. When enabled or required, the supported special characters are 0-100
password_numeral_minimum The minimum number of numerical digits required in a user password. If this policy is disabled, no digits will be required. 0-100
password_character_type_minimum The minimum number of character types (lowercase, uppercase, punctuation, and numeral) which must be included in a user password. For example, if this value is set to ‘2’, then the password must include at least two of the four types. If this policy is disabled, users will not be required to include a minimum number of character types unless each type is required individually. 0-4
password_expiration_days The number of days after their current password was created at which the user is automatically required to create a new password. If this policy is disabled, users will not be required to change their password at any interval. 0-1000

Setting User Security Policy Values

To update sys_policies use the root user to submit an UPDATE statement, as shown here.

Syntax


ALTER POLICY type SET OPTIONS ( policy_name  'newValue' [, policy_name2 'newValue2' ]);

Arguments

  • newValue: the value to assign to policyName.

  • policyName: one of the policy values listed in the table above.

Example


ALTER POLICY USERNAME SET OPTIONS ( userid_character_length_minimum '3');

ALTER POLICY PASSWORD SET OPTIONS ( password_expiration_days '10', password_character_type_minimum '2', failed_attempts_limit '5');

See Also