A custom stored procedure that can contain user-defined logic for password complexity checks. You can configure sp_extrapwdchecks according to your security needs. Install sp_extrapwdchecks in the master database.


sp_extrapwdchecks caller_password, new_password, login_name



  • sp_extrapasswordchecks must use raiserror to signal a failure to the SAP ASE server. Use sp_addmessage to add error message for this failure in the SAP ASE server.

    Note: Do not use raiserror to get the expected behaviour. raiserror updates the @@error global variable. @@error is also updated each time you execute a T-SQL statement, including print and if. If raiserror is followed by any T-SQL statement, @@error gets overwritten, and sp_extrapwdchecks fails to return an error for a failed password if raiserror is followed by any TSQL statement.
  • sp_extrapwdchecks allows NULL values for caller_password and loginame parameters.

    The caller_password parameter is NULL when :

    • The system security officer creates a new login account using create login command.
    • The system security officer modifies the login account's password using alter login … modify password command.
    The loginame parameter is NULL when:
    • The system security officer creates a new login account using the create login command.