Adaptive Server version 12.5.4 combines new and old mechanisms that let you to establish rules about passwords for new logins or for passwords that are being reset.
As with earlier versions of Adaptive Server, you can:
Require that passwords contain at least one digit.
Require that passwords have a minimum length.
Set a password expiration period.
Require that a login is locked out after a certain number of failed attempts.
Set an individual login to have its own rules for digits, minimum length, and login failures. The per-login rules override the global logins for that user.
However, in Adaptive Server version 12.5.4 you can also:
Specify that a login name cannot be a substring of the password.
Set a minimum number of special characters for the password.
Set a minimum number of alphabetic characters for the password
Set a minimum number of upper-case letters for the password.
Set a minimum number of lower-case letters for the password.
Specify that the password must be reset is the first time a login is used.
Set a minimum number of digits for the password.
Set a password expiration warning interval.
You can set each of these options in the Adaptive Server plug-in, or you can use:
sp_passwordpolicy 'set', option, value
For information about each new option and its valid values, see “New password complexity checks,” below.
Setting password complexity options creates a row for each option in the sysattributes table. If a row exists for a new option, precedence checking uses the new option value and ignores any older corresponding option values.
To return to earlier versions of password rules, unselect the password complexity options either, using the Adaptive Server plug-in, or use:
sp_passwordpolicy 'clear’, option
The new password complexity options include cross checks. For example, if the sum of the min lower case in password and min upper case in password is greater than the min alpha in password, a warning message displays.
