SQL Anywhere 17 – Good-bye DBA/SQL
From its first release, SQL Anywhere has used a default user id and password for newly created databases: DBA/sql
While it is considered best practice to not use the DBA user and default password in your production database, we have found that customers do occasionally still release applications where the default connection uses DBA. Fortunately, it is relatively uncommon to find a customer production database that is using the default password.
In order to further encourage the use of a non-DBA user Id, the dbinit utility and the CREATE DATABASE statement will no longer use a default. You must specify a user id and password when you create a new database. Dbinit now requires you to specify the option “-dba <userid>,<password>” to specify the dba user and password for a new database. The CREATE DATABASE statement requires that you use the clauses “DBA USER <userid>” and “DBA PASSWORD <password>”
Furthermore, the default minimum password length has been increased to 6 from 3. However, you can control this to make it longer or shorter. The dbinit command line option “–mpl” and the CREATE DATABASE clause “MINIMUM PASSWORD LENGTH” allows you to specify a minimum password length in your new database. You can also change the minimum password length after the database is created by changing the database option min_password_length. Note that the password for the utility_db database must now be 6 characters in length.
A small change was also made to dbunload, since it can no longer use a default user id and password in the reload.sql script to rebuild a database. It has been changed to use a 16 byte, randomly generated value instead.
The utility database also no longer requires DBA as the sole username. The -su server option has changed from “-su <password>” to “-su <userid>,<password>” or “-su <password>” or “-su none”. The personal server continues to default to allowing connections to utility_db with user DBA and any password if the -su server option is not specified.