This blog and next week’s will discuss Oracle12 password stuff.
As discussed last week, Oracle12 has implemented a password complexity scheme. In Oracle12, the password must be at least 8 positions long, and contain a mix of lower case/upper case/and numeric/special characters.
For this reason, I have changed my default training user from USER1 to Student01. I like the passwords to be the same as the user id in class. I also use this syntax to turn off password expiring, password history, and password failed login attempts.
ALTER PROFILE default LIMIT failed_login_attempts unlimited;
ALTER PROFILE default LIMIT password_life_time unlimited;
ALTER PROFILE default LIMIT password_reuse_time 0;
Now, my class passwords will not expire, they can be reset to the same password, and they can try many times to get the password correct.
Oracle11 implemented some of these things as well…such as the expiring passwords. I’ve had to set the password_life_time and failed_logi_attempts on my Oracle11 databases as well.
Here is a chart of the settings, their default values and a brief description of what they mean:
Account locked when this number of failed attempts is reached before a successful login
Number of days the account will be locked after the above failed_login_attempts have been reached
Number of days after password has expired to change the password
Number of days before a password expires
Number of password changes before the same password can be used again
Number of days before the same password can be reused
Used to implement a stronger password complexity scheme…discussed last week
Have a good week.
Dan HotkaOracle ACE DirectorInstructor/Author/CEO
Actually most of the profile and verification stuff was introduced back in 10g. In fact all the above chart were first available in 10g.
Actually these settings in the chart were all available as far back as 8i!