• After installing a new SEPM with a new SQL database, the rights "ALTER ANY LOGIN" are added to the "Public" SQL Server Role. 
• What rights are required in the "Public" Server Role in my SQL environment 

SEPM 14.0 and above connected to a SQL database

the public server role requires the following securables under "servers":

View any database
Alter any login

These permissions will automatically be added after DB creation. 
 

The "Alter any Login" securable is required to allow a password reset of the "REPORTER_DBNAME" account during a SEPM reconfigure from a SQL Authentication set-up to a Windows Authentication set-up. 
It was necessary to add this access as SQL Server doesn't support to grant alter just one specified user to a role.