An example of changing the username is
ALTER USER Mary5 WITH NAME = Mary51;
(from
https://learn.microsoft.com/en-us/sql/t-sql/statements/alter-user-transact-sql?view=sql-server-2017
)
However that requires special permission.
I am looking for a way to change the username from only having the username and password of the same simple user of whom I want to change
such as
ALTER LOGIN ALogin WITH PASSWORD = 'Se6ure?' OLD_PASSWORD = '2Secr#s';
which is an example from https://sqlity.net/en/2322/change-password/.
This means the user themselves can alter their own password without any special permission, I want the same but for usernames.
(I used this as ALTER USER AUser WITH PASSWORD = 'Se6ure?' OLD_PASSWORD = '2Secr#s'; because I'm only altering users, not logins)
So overall, is there any way of altering a username of a user given you have the password and username of the same user and that user hasn't been granted any special permissions?
Related
I have created a share and added that share to a reader account.
Now I have executed a create user statement there in the reader account i.e.
CREATE or replace USER client_test
PASSWORD = 'Client4321'
LOGIN_NAME = 'client'
DISPLAY_NAME = 'client test'
FIRST_NAME = 'client'
LAST_NAME = 'test'
EMAIL = 'mukul.kumar#gmail.com'
DEFAULT_ROLE = sysadmin;
This statement gets executed without any error and also I can see the user details under the account tab in snowflake UI
but still, when I am trying to login into this newly created user, there is an error of incorrect username or password coming up.
Is creating a user in a reader account not allowed or anything like there in snowflake?
I haven't found documentation on this as such. It will be appreciated if anyone helps me out with this.
The issue here is that the login_name is the one which should be used for logging in to the SF application. Use "client" and "Client4321" to login and it will be successful.
When we create users/roles (see examples below) how are the passwords stored persistently? Are these stored in some encrypted form, and not as plain text?
# YSQL
CREATE USER tester WITH PASSWORD 'test_password';
or,
# YCQL
CREATE ROLE IF NOT EXISTS john WITH PASSWORD = 'test_password' AND LOGIN = true
For both APIs they are stored in an encrypted form.
create login sea with password = 'Atlantic-ocean';
A GRANT statement to execute if we allow the above 'sea'
login to create another login called 'jellyfish' with a password 'Jelly-fish'.
create user jellyfish for login sea;
grant alter user jellyfish
with password = 'Jelly-fish';
msg 33234 parameter password cannot be provided for users that cannot
authenticate in a database.
I am working on ATG11.2 , my requirement is as below:
User will click on forgot password button, a link with encoded user id and a temporary password will be sent to email. User will click on the link sent in email and will be redirected to ResetPassword.jsp where he will get an option to fill temporary password which is sent in email, new password and confirm password respectively
I am using ForgotPasswordHandler for this implementation. I have read that forgotpasswordhandler method replaces the password property with the new generated password. Therefore m storing the input box value of temporary password in ProfileFormHandler.value.oldpassword
The values are as below:
Temporary Password :
New Password:
ConfirmPassword
But , when I am debugging handleChangePassword method in ProfileForm it is not able to compare the passwords properly. Please suggest if my approach is correct , or what do I need to override in gmethod if any required.
ATG stores passwords in encrypted format.
You need to store your oldPassword in encrypted format too. The passwords will not be equal unless both the passwords are hashed and are same.
I have a Store procedure to create auto generate SQl users.
code to create User
CREATE LOGIN userName with PASSWORD= 'autoGeneratedPass'
Problem: When the auto generated Password is weak then i got the below error
Password validation failed. The password does not meet Windows policy requirements because it is too short.
so i turned off Windows policy checking
Code
CREATE LOGIN userName with PASSWORD= 'autoGeneratedPass' CHECK_POLICY = OFF
If i did that any hidden problem arise?