System Administrators and System Security Officers can:
Use |
To |
|---|---|
sp_addlogin |
Specify the expiration interval for a login password at creation |
sp_modifylogin |
Change the expiration interval for a login password. sp_modifylogin only effects user roles, not system roles. |
create role |
Specify the expiration interval for a role password at creation |
alter role |
Change the expiration interval for a role password |
The following rules apply to password expiration for logins and roles:
A password expiration interval assigned to individual login accounts or roles overrides the global password expiration value. This allows you to specify shorter expiration intervals for sensitive accounts or roles, such as System Security Officer passwords, and more relaxed intervals for less sensitive accounts such as an anonymous login.
A login or role for which the password has expired is not directly activated.
For details on the syntax and rules for the commands and system procedures, see the Reference Manual.
