Changing a password

Changing a user's password

If you have DBA or PERMS ADMIN authority, you can change the password of any existing user with the following command:

ALTER USER userid IDENTIFIED BY password

If you inadvertently enter the user ID of an existing user when you mean to add a new user, you are actually changing the password of the existing user. You do not receive a warning because this behavior is considered normal. This behavior differs from pre-Version 12 Sybase IQ.

To avoid this situation, use the sp_iqaddlogin system procedure or the CREATE USER to add users. You may also use the sp_addlogin and sp_adduser system procedures. These procedures give you an error if you try to add an existing user ID, as in Adaptive Server Enterprise and pre-Version 12 Sybase IQ.

Implementing password rules

You can set up password rules and verify that any new password assigned complies with them. For example, you might require that passwords must include one digit or must not be the user ID. For details, see “VERIFY_PASSWORD_FUNCTION option” in the Reference: Statements and Options.

To set a minimum password length, see “MIN_PASSWORD_LENGTH option” in the Reference: Statements and Options.

Changing the DBA password

The user ID DBA identifies a user with full administration and resource creation rights. The default password for user ID DBA for all databases is sql. You should change this password to prevent unauthorized access to your database. The following command changes the password for user ID DBA to new_password:

ALTER USER DBA
IDENTIFIED BY new_password

To change the DBA password, you must have DBA or PERMS ADMIN authority.

If you are using dbisql, it is a good idea to put your permission grants into a command file for reference and so that it can be modified and run again if it is necessary to recreate the permissions.