To ensure that users have only the authorizations they need for their work, we recommend the following measures:
Create an authorization concept that specifies clear authorizations for individual users:
Define which database users are to have access to which data and database objects in the database.
Define which DBM operators are to carry out which administration tasks.
Create a separate database user for each person who works with the database.
Use strong passwords that cannot be guessed by other users.
Creating Database Users
Use Database Studio to create database users or use the CREATE USER SQL statement.
Database Studio, Creating Database Users
SQL Reference Manual, CREATE USER Statement
Changing the Authorizations of Database Users
Use Database Studio to change the authorizations of database users for database objects (using SQL statements):
Database Studio, Working with SQL Statements: Overview
SQL Reference Manual, Authorization