Help Center > > Developer Guide> Database Security Management> Setting Account Security Policies> Setting Account Security Locking Policies

Setting Account Security Locking Policies

Updated at: Mar 13, 2020 GMT+08:00

Context

For data security purposes, DWS provides a series of security measures, such as automatically locking and unlocking accounts, manually locking and unlocking abnormal accounts, and deleting accounts that are no longer used.

Automatically Locking and Unlocking Accounts

  • If the consecutive times that a user fails to enter the correct password reach the upper limit 10 during database connection, the system automatically locks the account for account security.
  • An account that has been locked for one day is automatically unlocked.

Manually Locking and Unlocking Accounts

Once detecting that an account is stolen or the account is used to access the database without being authorized, administrators can manually lock the account.

The administrator can also manually unlock the account if the account becomes normal again.

For example, run the following command to manually lock and unlock the user user_read:

  • To manually lock the account, run the following command:
    1
    ALTER USER user_read ACCOUNT LOCK;
    

    If the following information is displayed, the user has been locked:

    ALTER ROLE
  • To manually unlock the account, run the following command:
    1
    ALTER USER user_read ACCOUNT UNLOCK;
    

    If the following information is displayed, the user has been unlocked:

    ALTER ROLE

Deleting Accounts that Are No Longer Used

An administrator can delete an account that is no longer used. This operation cannot be rolled back.

When an account to be deleted is in active state, it is deleted after the session is disconnected.

For example, run the following command to delete the account user_read:

1
DROP USER user_read CASCADE;

If the following information is displayed, the account has been deleted:

DROP ROLE

Did you find this page helpful?

Submit successfully!

Thank you for your feedback. Your feedback helps make our documentation better.

Failed to submit the feedback. Please try again later.

Which of the following issues have you encountered?







Please complete at least one feedback item.

Content most length 200 character

Content is empty.

OK Cancel