Use this statement to alter the user's authentication details.
- If password authentication is set, then a user can always change its own password.
- To set a new password for other users or define the Kerberos/LDAP authentication you need to have the system privilege ALTER USER.
- If you have the system privilege ALTER USER the REPLACE clause is optional and the old password is not verified.
- For security reasons, the old password must also be specified if a user wishes to change their own password (unless the user has the system privilege ALTER USER).
- Passwords are treated as SQL identifiers and are governed by the same rules regarding allowed characters, case sensitivity, etc. For more information, see SQL Identifier.
- For details about the expected string values for the PASSWORD_EXPIRY_POLICY parameter, see Password Expiry Policy.
- For information on Kerberos/LDAP authentication and the rules for password creation, see CREATE USER.