If a user who has key copies encrypted by his or her login password loses that password, the key custodian can recover access for the user.
The SSO uses alter login to issue “bill” a new login password. SAP ASE drops any key copies assigned to “bill” for login association or key copies already encrypted by “bill”’s login password.
alter encryption key k1 with passwd 'masterofsecrets' add encryption for bill for login_association
This step assumes the key custodian still knows the base key’s password. If the key’s encryption password is unknown, the key custodian must first follow the key recovery procedure.
select emp_salary from emp where name like 'Prisicilla%'