17.10 - Password History - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
zuy1472246340572
To aid in researching password reuse status, Teradata Vantage saves all previously used passwords in the DBC.OldPasswords table. When users successfully change their password, the system:
  • Writes a row containing the current password to DBC.OldPasswords.
  • Deletes old password rows for the user with a date earlier than the current date minus the PasswordReuse time span from DBC.OldPassword.
    If you reset a user password, the system does not enforce any PasswordReuse restriction that would normally apply to that password. PasswordReuse restrictions only apply when users reset their own passwords.

The DBC.OldPassword table contains the following information.

Column Description
UserName Identity of the user to which the password was assigned.
PasswordDate Date the password was changed for the user.
EncryptionFlag Identifies whether the password is encrypted by DES or SHA-256.
PasswordSalt SHA Standard seed needed to encrypt the password.
EncryptedPassword Encrypted password string.
EncryptedPasswordLength
  • DES encrypted passwords = 8 bytes
  • SHA-256 passwords = 32 bytes