In previous versions, the minimum password length was a non-configurable, hard-coded value of six characters. The configurable password allows you to customize passwords to fit your needs such as using four-digit personal identification numbers (PINs) or anonymous logins with NULL passwords.
The System Security Officer can specify:
A globally enforced minimum password length
A per-login or per-role minimum password length
The per-login or per-role value overrides the server-wide value. Setting minimum password length affects only new passwords created after setting the value. It does not affect existing passwords.
Setting the server-wide minimum password length
Use the minimum password length configuration parameter to specify a server-wide value for minimum password length for both logins and roles.
This example sets the minimum password length for all logins and roles to 4 characters:
sp_configure "minimum password length", 4
For details on the syntax and rules for using minimum password length, see sp_configure.
Setting minimum password length for a specific login
To set the minimum password length for a specific login at creation, use sp_addlogin.
This example creates the new login “joe” with the password “Djdiek3”, and sets the minimum password length for “joe” to 4:
sp_addlogin joe, "Djdiek3", minimum password length=4
For details on the syntax and rules for using minimum password length, see sp_addlogin.
Setting minimum password length for a specific role
To set the minimum password length for a specific role at creation, use create role.
This example creates the new role intern_role with the password “temp244” and sets minimum password length for intern_role to 0:
create role intern_role with passwd "temp244", minimum password length 0
The original password is seven characters, but the password can be changed to one of any length because minimum password length is set to 0.
For details on the syntax and rules for using minimum password length, see create role.
Changing minimum password length for a specific login
Use sp_modifylogin to set or change minimum password length for an existing login. sp_modifylogin only effects user roles, not system roles.
Example 1 Changes minimum password length for the login “joe” to 8 characters.
sp_modifylogin "joe", @option="minimum password length", @value="8"
The value parameter is a character datatype; therefore, quotes are required for numeric values.
Example 2 Changes the value of the overrides for minimum password length for all logins to two characters.
sp_modifylogin "all overrides", @option="minimum password length", @value="-1"
Example 3 Removes the overrides for the minimum password length for all logins.
sp_modifylogin "all overrides", "minimum password length", @value="2"
For details on the syntax and rules for using minimum password length, see sp_modifylogin.
Changing minimum password length for a specific role
Use alter role to set or change minimum password length for an existing role.
Example 1 Sets the minimum length for physician_role, an existing role, to 5 characters:
alter role physician_role set minimum password length 5
Example 2 Overrides the minimum password length for all roles:
alter role "all overrides" set minimum password length -1
For details on the syntax and rules for using minimum password length, see alter role.