17.10 - Password History - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)
To aid in researching password reuse status, Teradata Vantage saves all previously used passwords in the DBC.OldPasswords table. When users successfully change their password, the system:
  • Writes a row containing the current password to DBC.OldPasswords.
  • Deletes old password rows for the user with a date earlier than the current date minus the PasswordReuse time span from DBC.OldPassword.
    If you reset a user password, the system does not enforce any PasswordReuse restriction that would normally apply to that password. PasswordReuse restrictions only apply when users reset their own passwords.

The DBC.OldPassword table contains the following information.

Column Description
UserName Identity of the user to which the password was assigned.
PasswordDate Date the password was changed for the user.
EncryptionFlag Identifies whether the password is encrypted by DES or SHA-256.
PasswordSalt SHA Standard seed needed to encrypt the password.
EncryptedPassword Encrypted password string.
EncryptedPasswordLength
  • DES encrypted passwords = 8 bytes
  • SHA-256 passwords = 32 bytes