DESCRIBE PASSWORD POLICY¶
描述有关密码策略的详细信息。
DESCRIBE 可以缩写为 DESC。
- 另请参阅:
语法¶
DESC[RIBE] PASSWORD POLICY <name>
参数¶
name密码策略的标识符;对于您的账户必须是唯一的。
标识符值必须以字母字符开头,且不能包含空格或特殊字符,除非整个标识符字符串放在双引号内(例如
"My object")。放在双引号内的标识符也区分大小写。有关更多详细信息,请参阅 标识符要求。
访问控制要求¶
用于执行此 SQL 命令的 角色 必须至少具有以下 一项 权限:
权限 |
对象 |
备注 |
|---|---|---|
APPLY PASSWORD POLICY |
账户 |
|
OWNERSHIP |
密码策略 |
OWNERSHIP is a special privilege on an object that is automatically granted to the role that created the object, but can also be transferred using the GRANT OWNERSHIP command to a different role by the owning role (or any role with the MANAGE GRANTS privilege). |
请注意,对架构中的对象进行操作还需要对父数据库和架构具有 USAGE 权限。
有关创建具有指定权限集的自定义角色的说明,请参阅 创建自定义角色。
有关对 安全对象 执行 SQL 操作的相应角色和权限授予的一般信息,请参阅 访问控制概述。
有关密码策略 DDL 和权限的其他详细信息,请参阅 管理密码策略。
使用说明¶
若要对此命令的输出进行后处理,可以使用 RESULT_SCAN 函数,该函数会将输出视为可查询的表。
示例¶
DESC PASSWORD POLICY password_policy_prod_1;
+-----------------------------------+----------------------------------------+-------------+-----------------------------------------------------------------------------------------------------------------------------------------------+
| property | value | default | description |
+-----------------------------------+----------------------------------------+-------------+-----------------------------------------------------------------------------------------------------------------------------------------------+
| NAME | PASSWORD_POLICY_PROD_1 | null | Name of password policy. |
| OWNER | PROD_ADMIN | null | Owner of password policy. |
| COMMENT | production account password policy | null | user comment associated to an object in the dictionary |
| PASSWORD_MIN_LENGTH | 12 | 8 | Minimum length of new password. |
| PASSWORD_MAX_LENGTH | 24 | 256 | Maximum length of new password. |
| PASSWORD_MIN_UPPER_CASE_CHARS | 2 | 1 | Minimum number of uppercase characters in new password. |
| PASSWORD_MIN_LOWER_CASE_CHARS | 2 | 1 | Minimum number of lowercase characters in new password. |
| PASSWORD_MIN_NUMERIC_CHARS | 2 | 1 | Minimum number of numeric characters in new password. |
| PASSWORD_MIN_SPECIAL_CHARS | 2 | 0 | Minimum number of special characters in new password. |
| PASSWORD_MIN_AGE_DAYS | 1 | 0 | Period after a password is changed during which a password cannot be changed again, in days. |
| PASSWORD_MAX_AGE_DAYS | 30 | 90 | Period after which password must be changed, in days. |
| PASSWORD_MAX_RETRIES | 5 | 5 | Number of attempts users have to enter the correct password before their account is locked. |
| PASSWORD_LOCKOUT_TIME_MINS | 30 | 15 | Period of time for which users will be locked after entering their password incorrectly many times (specified by MAX_RETRIES), in minutes |
| PASSWORD_HISTORY | 5 | 24 | Number of most recent passwords that may not be repeated by the user |
+-----------------------------------+----------------------------------------+-------------+-----------------------------------------------------------------------------------------------------------------------------------------------+