Use this statement to alter user settings.

Syntax 1

ALTER USER user-name [ IDENTIFIED BY password ]
 [ LOGIN POLICY policy-name ]
 [ FORCE PASSWORD CHANGE { ON | OFF } ]

Syntax 2

ALTER USER user-name
[ RESET LOGIN POLICY ]

Parameters

Remarks

User IDs and passwords cannot:

• begin with white space, single quotes, or double quotes
• end with white space
• contain semicolons

A password can be either a valid identifier, or a string (maximum 255 bytes) placed in single quotes. Passwords are case sensitive. It is recommended that the password be composed of 7-bit ASCII characters, as other characters may not work correctly if the database server cannot convert them from the client's character set to UTF-8.

The verify_password_function option can be used to specify a function to implement password rules (for example, passwords must include at least one digit). If a password verification function is used, you cannot specify more than one user ID and password in the GRANT CONNECT statement. See verify_password_function option [database].

If you set the password_expiry_on_next_login value to ON, the user's password expires immediately when they next login even if they are assigned to the same policy. You can use the ALTER USER and LOGIN POLICY clauses to force a user to change their password when they next login.

Permissions

Any user can change their own password. All other changes require DBA authority.

Side effects

None.

See also

• ALTER LOGIN POLICY statement
• COMMENT statement
• CREATE LOGIN POLICY statement
• CREATE USER statement
• DROP LOGIN POLICY statement
• DROP USER statement
• Managing login policies overview
• Assigning a login policy to an existing user
• GRANT statement

Standards and compatibility

Example

The following alters a user named SQLTester. The password is set to "welcome". The SQLTester user is assigned to the Test1 login policy and the password does not expire on the next login.

ALTER USER SQLTester IDENTIFIED BY welcome
LOGIN POLICY Test1
FORCE PASSWORD CHANGE off;