Comparing Global and Profile-Based Password Controls - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-11-02
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™

The security administrator can reset the password control parameters shown in the SysSecDefaults table in the following ways.

Password controls do not affect externally authenticated users because the database does not validate their passwords.
Reset Method Description Effects
Change a parameter value using an UPDATE statement Resets the control globally.
This is a global reset that causes the system to undo all default control values for affected parameters.
  • Global password controls apply to all users defined in the database.
  • DBC.SysSecDefaults table only at database startup. You must restart the database to enable changed values.
Password changes can take place when:
  • You modify an existing user definition, or a user modifies his or her own user definition, using a MODIFY USER statement.
  • A password expires and the user creates a password.
CREATE/MODIFY PROFILE Resets global password control parameters only for members of the profile.
Changes take effect at the next user logon.
Profile-based password controls apply only to the children of profile member users. To assign password controls to administrative users, you must assign a profile that contains the controls to a super administrator, who can then pass the controls down to other administrative users. Also see Effects of Profile-Based Password Controls.