Use this statement to alter the user's authentication details.
- If password authentication is set, then a user can always change its own password.
- To set a new password for other users or define the Kerberos/LDAP authentication you need to have the system privilege ALTER USER.
- If you have the system privilege ALTER USER, then REPLACE clause is optional and the old password is not verified.
- For security reasons, the old password must also be specified if a user wishes to change their own password (unless the user has the system privilege ALTER USER).
- Passwords are treated as SQL identifiers and are governed by the same rules regarding allowed characters, case sensitivity, etc. For more information, refer to the SQL Identifier section.
- For details about the expected string values for the PASSWORD_EXPIRY_POLICY parameter, refer to Password Expiry Policy.
- For information on Kerberos/LDAP authentication and the rules for password creation, refer to the CREATE USER statement.