DB2 8.2
Various OS


Our group is being asked to satisfy an audit by changing our Unix ID/passwords once every 90 days. Currently we have not followed this standard and have gotten gotten away with sloppy authentication standards because we reuse the same ID/passwords. So we have scripts/application/files hardcoded with password info. That would need to all be changed when the database ID changes. Basically I'm looking for some thoughts and ideas on this. What practices have been used that can secure passwords but also easy to maintain when a password reset is required.


Thanks,

Charlie

Since you can use any arbitrary serucity plugin with DB2 LUW, this question is really hard to answer. However, if you are using the default security plugin that refer to the underlying operating system for authorization, you will just have to change the password at the OS level.

If you are using DB2 federation, it may be a bit more involved because you have to adjust your user mappings.