Create Profile in Vertica Database

A profile controls:

  • How often users must change their passwords.
  • How many times users must change their passwords before they can reuse an old password.
  • How many times users can fail to log in before their account is locked.
  • The required length and content of the password (maximum and minimum amount of characters and the minimum number of letters, capital letters, lowercase letters, digits, and symbols that must be in a password).
  • Profiles are need to enforce diferent classes of users and diferent policies depending on the user/group you asign them to. If no profile is asigned to the user when created the DEFAULT profile will be asigned to him. Syntax:
    CREATE PROFILE "name" LIMIT
    ... [PASSWORD_LIFE_TIME {life-limit | DEFAULT | UNLIMITED}]
    ... [PASSWORD_GRACE_TIME {grace_period | DEFAULT | UNLIMITED}]
    ... [FAILED_LOGIN_ATTEMPTS {login-limit | DEFAULT | UNLIMITED}]
    ... [PASSWORD_LOCK_TIME {lock-period | DEFAULT | UNLIMITED}]
    ... [PASSWORD_REUSE_MAX {reuse-limit | DEFAULT | UNLIMITED}]
    ... [PASSWORD_REUSE_TIME {reuse-period | DEFAULT | UNLIMITED}]
    ... [PASSWORD_MAX_LENGTH {max-length | DEFAULT | UNLIMITED}]
    ... [PASSWORD_MIN_LENGTH {min-length | DEFAULT | UNLIMITED}]
    ... [PASSWORD_MIN_LETTERS {min-letters | DEFAULT | UNLIMITED}]
    ... [PASSWORD_MIN_UPPERCASE_LETTERS {min-cap-letters | DEFAULT | UNLIMITED}]
    ... [PASSWORD_MIN_LOWERCASE_LETTERS {min-lower-letters | DEFAULT | UNLIMITED}]
    ... [PASSWORD_MIN_DIGITS {min-digits | DEFAULT | UNLIMITED}]
    Example:
    CREATE PROFILE "Manager_Group"
      LIMIT
      failed_login_attempts             3   --
      password_life_time               30   -- days
      password_reuse_time              12   --
      password_reuse_max        unlimited   --
      password_lock_time          default   -- days
      password_grace_time               2   -- days
      password_min_digits               1   -- number of digits required
      ;
    The combinations are unlimited and mostly depend on you application requirements.