Summary information |
|
|---|---|
Default value |
0 |
Range of values |
-1 – 32767 |
Status |
Dynamic |
Display level |
10 |
Required role |
System security officer |
Configuration group |
Security Related |
maximum failed logins allows you to set the server-wide maximum number of failed login attempts for logins and roles.
A value of -1 indicates that the failed login count in the syslogins column logincount is updated whenever an authentication failure occurs, but that the account is not locked. Compare with a 0 (zero) value, which avoids incrementing the column for every failed authentication and avoids locking the account due to authentication failures.
To set the system-wide maximum failed logins to 5, enter:
sp_configure "maximum failed logins", 5
Use create role to set maximum failed logins for a specific role or creation. To create the intern_role role with the password “temp244”, and set maximum failed logins for intern_role to 20, enter:
create role intern_role with passwd "temp244", maximum failed logins 20
Use sp_modifylogin to set or change maximum failed logins for an existing login. To change maximum failed logins for the login “joe” to 40, enter:
sp_modifylogin "joe", @option="maximum failed logins", @value="40"
The value parameter is a character datatype;
therefore, quotes are required for numeric values.
To change the overrides for maximum failed logins for all logins to 3, enter:
sp_modifylogin "all overrides", "maximum failed logins", "3"
To remove the overrides for maximum failed logins option for all logins, enter:
sp_modifylogin "all overrides", @option="maximum failed logins", @value="-1"
Use alter role to set or change the maximum failed logins for an existing role. For example, to change the maximum failed logins allowed for physician_role to 5, enter:
alter role physician_role set maximum failed logins 5
To remove the overrides for maximum failed logins for all roles, enter:
alter role "all overrides" set maximum failed logins -1
