Help Center > > Developer Guide> Database Security Management> Setting Security Policies> Setting Account Security Policies

Setting Account Security Policies

Updated at: Sep 17, 2021 GMT+08:00

Background

For data security purposes, GaussDB(DWS) provides a series of security measures, such as automatically locking and unlocking accounts, manually locking and unlocking abnormal accounts, and deleting accounts that are no longer used.

Automatically Locking and Unlocking Accounts

  • If a user fails to enter the correct password for over 10 times during database connection, the system automatically locks the account.
  • An account is automatically unlocked one day after it was locked.

Manually Locking and Unlocking Accounts

If administrators detect an abnormal account that may be stolen or illegally accesses the database, they can manually lock the account.

The administrator can also manually unlock the account if the account becomes normal again.

For details about how to create a user, see Users. To manually lock and unlock user joe, run commands in the following format:

  • To manually lock the user:
    1
    2
    ALTER USER joe ACCOUNT LOCK;
    ALTER USER
    
  • To manually unlock the user:
    1
    2
    ALTER USER joe ACCOUNT UNLOCK;
    ALTER USER
    

Deleting Accounts that Are No Longer Used

An administrator can delete an account that is no longer used. This operation cannot be rolled back.

When an account to be deleted is in the active state, it is deleted after the session is disconnected.

For example, if you want to delete account joe, run the command in the following format:

1
2
DROP USER joe CASCADE;
DROP USER

Did you find this page helpful?

Submit successfully!

Thank you for your feedback. Your feedback helps make our documentation better.

Failed to submit the feedback. Please try again later.

Which of the following issues have you encountered?







Please complete at least one feedback item.

Content most length 200 character

Content is empty.

OK Cancel