Configuring a Password Expiration Policy
Scenarios
Using the same password too long makes it easier for hackers to crack or guess your password. Requiring password changes after a certain amount of time can improve security.
You can configure a password expiration policy for your instance in either of the following ways:
- Modify the database parameter: RDS for MySQL 5.7 and 8.0 allow you to set the global variable default_password_lifetime to define the number of days before your password expires and must be changed.
- Configure the password expiration policy through DAS: Different password expiration policies can be configured for different users.
Precautions
- Once your password expires, you cannot log in to the database.
- After the password expiration policy is configured, you need to periodically check whether your password is about to expire.
Modifying the Database Parameter
- Log in to the management console.
- Click
in the upper left corner and select a region and a project. - Click
in the upper left corner of the page and choose Databases > Relational Database Service. - On the Instances page, click the instance name.
- In the navigation pane, choose Parameters.
- On the displayed page, change the value of default_password_lifetime.
The value of this parameter indicates how many days until a password expires. The default value is 0, indicating that the created user password will never expire.
- Click Save. In the displayed dialog box, click Yes.
Configuring the Password Expiration Policy Through DAS
- Log in to the management console.
- Click in the upper left corner and select a region and a project.
- Click in the upper left corner of the page and choose Databases > Relational Database Service.
- On the Instances page, locate the DB instance and click Log In in the Operation column.
Alternatively, click the target DB instance on the Instances page. On the displayed Basic Information page, click Log In in the upper right corner of the page.
- Enter the username and password and click Log In.
- Choose SQL Operations > SQL Query.
- In the editing area, compile the statement shown below. The unit of password_life_time is day. You are advised to set it to 180.
ALTER USER username PASSWORD EXPIRE INTERVAL password_life_time DAY;
- Click Execute SQL. Then, view SQL execution status on the Executed SQL Statements, Messages, and Result tab pages.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
