There is a default password verify function under $ORACLE_HOME/rdbms/admin with filename utlpwdmg.sql. This script creates a password verify function named "verify_function" and alters the default profile with the below attributes:
ALTER PROFILE DEFAULT LIMIT
PASSWORD_LIFE_TIME 60
PASSWORD_GRACE_TIME 10
PASSWORD_REUSE_TIME 1800
PASSWORD_REUSE_MAX UNLIMITED
FAILED_LOGIN_ATTEMPTS 3
PASSWORD_LOCK_TIME 1/1440
PASSWORD_VERIFY_FUNCTION verify_function;
verify_function has the following attributes:
- Check if the password is same as the username
- Check for the minimum length of the password (default = 4)
- Check if the password is too simple. A dictionary of words may be maintained and a check may be made so as not to allow the words that are too simple for the password. ('welcome', 'database', 'account', 'user', 'password', 'oracle', 'computer', 'abcd' words are not accepted as password by default)
- Check if the password contains at least one letter, one digit and one punctuation mark.
- Check if the password differs from the previous password by at least 3 letters.
You can customize this script to have different password verify function attributes, profile attributes and to apply to another profile.
ALTER PROFILE DEFAULT LIMIT
PASSWORD_LIFE_TIME 60
PASSWORD_GRACE_TIME 10
PASSWORD_REUSE_TIME 1800
PASSWORD_REUSE_MAX UNLIMITED
FAILED_LOGIN_ATTEMPTS 3
PASSWORD_LOCK_TIME 1/1440
PASSWORD_VERIFY_FUNCTION verify_function;
verify_function has the following attributes:
- Check if the password is same as the username
- Check for the minimum length of the password (default = 4)
- Check if the password is too simple. A dictionary of words may be maintained and a check may be made so as not to allow the words that are too simple for the password. ('welcome', 'database', 'account', 'user', 'password', 'oracle', 'computer', 'abcd' words are not accepted as password by default)
- Check if the password contains at least one letter, one digit and one punctuation mark.
- Check if the password differs from the previous password by at least 3 letters.
You can customize this script to have different password verify function attributes, profile attributes and to apply to another profile.
No comments:
Post a Comment