A
custom stored procedure that can contain user-defined logic for
password complexity checks. You can configure sp_extrapwdchecks according
to your security needs. Install sp_extrapwdchecks in
the master database.
Syntax
sp_extrapwdchecks caller_password, new_password, login_name
Parameters
- caller_password – specifies the current password.
- new_password – specifies the new password being set.
- login_name – specifies the login name associated with the password
being changed or added.
Usage
-
sp_extrapasswordchecks must use
raiserror to signal a failure to the SAP ASE
server. Use sp_addmessage to add error message for
this failure in the SAP ASE server.
Note:
Do not use raiserror to get the expected
behaviour. raiserror updates the
@@error global
variable. @@error is also
updated each time you execute a T-SQL statement, including
print and if. If
raiserror is followed by any T-SQL statement,
@@error gets
overwritten, and sp_extrapwdchecks fails to
return an error for a failed password if
raiserror is followed by any TSQL
statement.
- sp_extrapwdchecks allows NULL values for
caller_password and loginame
parameters.
The caller_password parameter is NULL
when :
- The system security officer creates a new login account using
create login command.
- The system security officer modifies the login account's password
using alter login … modify password command.
The
loginame parameter is NULL when:
- The system security officer creates a new login account using
the create login command.