Contents Index Controlling database access Controlling the tasks users can perform

SQL Anywhere Studio Security Guide
  Keeping Your Data Secure
    Controlling database access

Increasing password security


Passwords are an important part of any database security system. To be secure, passwords must be difficult to guess, and they must not be easily accessible on users' hard drives or other locations.

Implement minimum password lengths 

By default, passwords can be any length. For greater security, you can enforce a minimum length requirement on all new passwords. You do this by setting the MIN_PASSWORD_LENGTH database option to a value greater than zero. The following statement enforces passwords to be at least 8 bytes long.

SET OPTION PUBLIC.MIN_PASSWORD_LENGTH = 8

For more information, see MIN_PASSWORD_LENGTH option [database].

Do not include passwords in ODBC data sources 

Passwords are the key to accessing databases. They should not be easily available to unauthorized people in a security-conscious environment.

When you create an ODBC data source, or a Sybase Central connection profile, you can optionally include a password. Avoid including passwords for greater security.

For information on creating ODBC data sources, see Creating an ODBC data source.

Encrypt command files containing passwords 

When you create a configuration file, you can optionally include password information. To protect your passwords, consider hiding the contents of configuration files with simple encryption, using the File Hiding [dbfhide] utility.

For information on the File Hiding [dbfhide] utility, see The File Hiding utility.


Contents Index Controlling database access Controlling the tasks users can perform