Once a user has been assigned a key copy, he or she can use alter encrypton key to modify the key copy’s password. For the appropriate alter encryption key syntax, see “Changing a key’s password”.
This example shows how a user assigned a key copy alters the copy to access data through his or her personal password:
Key custodian Razi sets up a key copy on an existing key for Bill and encrypts it with a temporary password:
alter encryption key key1 with passwd 'MotherOfSecrets' add encryption with passwd 'just4bill' for user bill
Razi sends Bill his password for access to data through key1.
Bill assigns a private password to his key copy:
alter encryption key Razi.key1 with passwd 'just4bill' modify encryption with passwd 'billswifesname'
Only Bill can change the password on his key copy. When Bill
enters the command above, Adaptive Server verifies that a key copy
exists for Bill. If no key copy exists for Bill, Adaptive Server
assumes you are attempting to modify the password on the base key
and returns error message 10304: Only the owner
of object '<keyname>' or a user with sso_role can run
this command.
