Password Controls | Teradata Vantage - Password Controls - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-05-03
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
Product Category
Teradata Vantage

Teradata recommends that all sites enforce strong password controls. Teradata Vantage offers several options for controlling password format and usage.

The DBC.SysSecDefaults table contains a set of global controls that restrict the usage and content of passwords for all users, as shown in the following table.

Field Name Description
Usage Controls
ExpirePassword Sets the number of days that must elapse before a password expires.
MaxLogonAttempts Sets the number of erroneous logons the system allows before it locks the user out of the database.
LockedUserExpire (Password Lockout Time) Sets the number of minutes elapsed before the system unlocks a locked user.
PasswordReuse Sets the number of days that must elapse before a user can reuse an expired password.
Format Controls
PasswordMinChar Sets the minimum number of characters required in a password.
PasswordMaxChar Sets the maximum number of characters allowed in a password.
PasswordDigits Determines whether ASCII digits are:
  • Allowed in a password
  • Not allowed in a password
  • Required in a password
PasswordSpecChar Indicates whether ASCII special characters are:
  • Allowed in a password
  • Not allowed in a password
  • Required in a password
You can place tight restrictions on passwords to require that:
  • Passwords must contain at least one ASCII alpha character
  • Passwords must contain a mixture of ASCII upper/lower case letters
  • No password can contain a database username
PasswordRestrictWords Determines whether passwords are rejected if they contain words in the Restricted Words list.
The system creates the DBC.SysSecDefaults table, and provides default values for the password control parameters, during system initialization.