16.10 - Resetting the Password Expiration Interval - Teradata Database

Teradata Database Security Administration

Teradata Database
June 2017

You should set passwords to expire as part of basic system setup, as described in Creating the Security Administrator User. If you are unsure whether or not passwords are set to expire on your system, execute one of the following SQL statements to check the value:

  • SELECT ExpirePassword FROM DBC.SecurityDefaultsV;

    This global value affects all users. If the value is 0, you can reset it to a non-zero value. Teradata recommends that you set the password expiration interval to a value between 90 and 270 days. Reset the value as follows:

    UPDATE DBC.SysSecDefaults
    SET ExpirePassword=90;
    You must restart the database for this change to take effect.
  • SELECT profile_name , ExpirePassword FROM DBC.ProfileInfoV;

    This value affects only users that are members of the profile. If the value for EXPIRE is 0 or NULL, MODIFY the profile to specify a non-zero value, as follows:

    MODIFY PROFILE  profile_name  AS PASSWORD = (EXPIRE = 90);

If you change the expiration value in either a profile or the system table, the system causes all affected user passwords to expire.