create login


Creates a login account; specifies a password, a login profile for the account, and user-supplied parameters to be assigned to the account.


create login login_name with [encrypted] 
	password password 



specifies the name of the login account to be created.

with encrypted

specifies an encrypted password for the new login account.

password passwordValue

specifies a password for the new login account.


list of attributes and corresponding values to be added to the login account. The attribute_value_ pair_list is an attribute name and value. Specify one or more of the following:


Parameter Value


login profile

Valid values:

  • login_profile_name

  • ignore

  • login_profile_name binds the specified login profile to the specified login account.

  • ignore eliminates any login profile binding. A default login profile will not be applicable and attributes will be applied as they were prior to release 15.7.

If a login profile is not specified, a default login profile is applied. See “Applying login profile and password policy attributes” in the Security Administration Guide.


Valid values: Unique value between [-32768, 2147483647] excluding [-2, -1, 0, 1, 2].

By default an suid is generated and automatically assigned to the login account upon creation.



Full name of user who owns the login account.

Default is NULL.

login script


Specifies a valid stored procedure. Limited to 120 characters for a login script.

password expiration

Valid range: 0 to 32767 days.

Password expiration interval.

Default is 0, meaning the password never expires.

min password length

Valid range: 0 to 30.

Minimum password length required.

Default is 6.

max failed attempts

Valid range: -1 to 32767.

Number of login attempts allowed after which the login account is locked.

-1 indicates the failed count is tracked but not locked.

Default is 0, meaning the failed count is not tracked and the account is not locked due to failed login attempts.

default database


Specifies a database to be the default.

Default is Master.

default language


Specifies a language to be the default.

Default is us_english

authenticate with


Specifies the mechanism used for authenticating the login account.

When ANY is used, Adaptive Server checks for a defined external authentication mechanism. If one is defined, Adaptive Server uses the defined mechanism., otherwise the ASE mechanism is used.

If authenticate with authentication mechanism is not specified, ANY will be used for the login account.

exempt inactive lock

Valid values: TRUE or FALSE

Specifies whether or not to exempt login accounts from being locked due to inactivity.

Default is FALSE which indicates accounts are not exempt.


Example 1

Creates a login account with password itsA8ecret, applies the login profile emp_lp, applies server user ID 7, and specifies that the account will not be locked due to inactivity

Example 2

create login ravi with password itsA8ecret login profile
emp_lp suid 7 exempt inactive lock true



ANSI SQL – Compliance level: Transact-SQL extension.


You must have sso_role privileges to create login accounts.


Values in event and extrainfo columns of sysaudits are:


Audit option

Command or access audited

Information in extrainfo



create login

Keywords contain: WITH attribute_value_pair_list

See also

Commands create login profile, alter login, alter login profile, drop login, drop login profile

Documents For more information about creating login accounts, see the Security Administration Guide. For precedence rules, see “Applying login profile and password policy attributes,” in the Security Administration Guide.

Functions lprofile_id, lprofile_name

System procedures sp_passwordpolicy, sp_displaylogin, sp_displayroles, sp_locklogin