17.05 - Effects of Profile-Based Password Controls - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - SQL Data Definition Language Syntax and Examples

Advanced SQL Engine
Teradata Database
Release Number
January 2021
Content Type
Programming Reference
Publication ID
English (United States)

The effects of password controls specified in a profile definition vary from those controls applied directly to a user in a CREATE USER or MODIFY USER statement.

Password Control Attribute Effects
EXPIRE Applies to first level user to which the profile is assigned, and is effective immediately
MINCHAR and MAXCHAR Does not apply to first level user to which the profile is assigned, rather it applies only to the children of that user.

As a result of these second-level effects, if the user submitting the CREATE USER statement is a member of a profile that specifies values for password control attributes, the password the creator assigns in the CREATE USER statement must comply with the password controls in the creator profile.

Controls take effect at the first child user logon after the child is created or modified.

To apply password controls to first-level users not affected by profile-based controls, you can Allow the users to defer to the global controls in DBC.SysSecDefaults.

MAXLOGONATTEMPTS Applies to first level users to which the profile is assigned, at the next logon attempt.