Setting and changing minimum password length

In previous versions, the minimum password length was a non-configurable, hard-coded value of six characters. The configurable password allows you to customize passwords to fit your needs such as using four-digit personal identification numbers (PINs) or anonymous logins with NULL passwords.

The System Security Officer can specify:

The per-login or per-role value overrides the server-wide value. Setting minimum password length affects only new passwords created after setting the value. It does not affect existing passwords.

StepsSetting the server-wide minimum password length

  1. Use the minimum password length configuration parameter to specify a server-wide value for minimum password length for both logins and roles.

    This example sets the minimum password length for all logins and roles to 4 characters:

    sp_configure "minimum password length", 4
    

    For details on the syntax and rules for using minimum password length, see sp_configure.

StepsSetting minimum password length for a specific login

  1. To set the minimum password length for a specific login at creation, use sp_addlogin.

    This example creates the new login “joe” with the password “Djdiek3”, and sets the minimum password length for “joe” to 4:

    sp_addlogin joe, "Djdiek3", minimum password length=4
    

    For details on the syntax and rules for using minimum password length, see sp_addlogin.

StepsSetting minimum password length for a specific role

  1. To set the minimum password length for a specific role at creation, use create role.

    This example creates the new role intern_role with the password “temp244” and sets minimum password length for intern_role to 0:

    create role intern_role with passwd "temp244", minimum password length 0
    

    The original password is seven characters, but the password can be changed to one of any length because minimum password length is set to 0.

    For details on the syntax and rules for using minimum password length, see create role.

StepsChanging minimum password length for a specific login

  1. Use sp_modifylogin to set or change minimum password length for an existing login. sp_modifylogin only effects user roles, not system roles.

    Example 1 Changes minimum password length for the login “joe” to 8 characters.

    sp_modifylogin "joe", @option="minimum password length", @value="8"
    

    NoteThe value parameter is a character datatype; therefore, quotes are required for numeric values.

    Example 2 Changes the value of the overrides for minimum password length for all logins to two characters.

    sp_modifylogin "all overrides", @option="minimum password length", @value="-1"
    

    Example 3 Removes the overrides for the minimum password length for all logins.

    sp_modifylogin "all overrides", "minimum password length", @value="2"
    

    For details on the syntax and rules for using minimum password length, see sp_modifylogin.

StepsChanging minimum password length for a specific role

  1. Use alter role to set or change minimum password length for an existing role.

    Example 1 Sets the minimum length for physician_role, an existing role, to 5 characters:

    alter role physician_role set minimum password length 5
    

    Example 2 Overrides the minimum password length for all roles:

    alter role "all overrides" set minimum password length -1
    

For details on the syntax and rules for using minimum password length, see alter role.