Oracle 11g has blessed database administrators with several new password security features. One should be aware of these enhancements as they can have potential upgrade impacts. In this article I will discuss these tricky new password features and enhancements in Oracle 11g.
Password Settings:
A database user is assigned the default profile if no specific profile is assigned to him. The table below shows the password-related settings for the default profile in Oracle 11g.

| Resource Name | Oracle Database 11g |
|---|---|
| Failed_login_attempts | 10 |
| Password_grace_time | 7 (days) |
| Password_life_time | 180 (days) |
| Password_lock_time | 1 (days) |
| Password_reuse_max | Unlimited |
| Password_reuse_time | Unlimited |
Viewing Password Settings:
These new settings can be seen by running the query below.
SELECT profile, resource_name, limit
FROM dba_profiles
WHERE profile='DEFAULT';
password_life_time parameter:
- Check the setting of the password_life_time parameter when upgrading to Oracle 11g.
- Oracle will start enforcing the password lifetime of 180 days, rather than the previous default of unlimited, once the upgrade is complete.
- Consider the implications of this change in your upgrade plans and either change this setting or inform your users on how to change their passwords if they do not already know how to do so.
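As an added example (not part of the original article), the SQL below lists the unlocked accounts and the password lifetime that actually applies to each, then shows one way to change the setting for selected accounts without touching the default profile. The profile name app_accounts, the account name app_batch and the 90-day value are hypothetical.

```sql
-- Added example, not from the original article.
-- Step 1: effective PASSWORD_LIFE_TIME for every unlocked account.
-- A non-default profile can carry LIMIT = 'DEFAULT', which means it
-- inherits the value from the DEFAULT profile, so resolve that first.
SELECT u.username,
       u.profile,
       u.account_status,
       CASE WHEN p.limit = 'DEFAULT' THEN d.limit ELSE p.limit END
           AS effective_life_time,
       u.expiry_date,
       TRUNC(u.expiry_date - SYSDATE) AS days_left
FROM   dba_users u
       JOIN dba_profiles p
         ON p.profile = u.profile
        AND p.resource_name = 'PASSWORD_LIFE_TIME'
       JOIN dba_profiles d
         ON d.profile = 'DEFAULT'
        AND d.resource_name = 'PASSWORD_LIFE_TIME'
WHERE  u.account_status NOT LIKE '%LOCKED%'
ORDER  BY u.expiry_date NULLS LAST;

-- Step 2: give accounts that need a different lifetime their own profile
-- instead of loosening DEFAULT for everyone.
-- app_accounts, app_batch and the value 90 are hypothetical.
-- Limits not listed here are inherited from the DEFAULT profile.
CREATE PROFILE app_accounts LIMIT
  PASSWORD_LIFE_TIME 90;

ALTER USER app_batch PROFILE app_accounts;

-- Step 3: confirm the new assignment and limit.
SELECT u.username, u.profile, p.limit
FROM   dba_users u
       JOIN dba_profiles p
         ON p.profile = u.profile
        AND p.resource_name = 'PASSWORD_LIFE_TIME'
WHERE  u.username = 'APP_BATCH';
```

Run the first query before the upgrade and again after it to see which accounts picked up the 180-day limit.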
Password verification routine:
Oracle has provided a password verification routine for some time. This routine can be found in the script $ORACLE_HOME/rdbms/admin/utlpwdmg.sql.
The password verification function is not loaded or enabled in Oracle 11g by DBUA when upgrading a database, or by DBCA when creating a new database. Therefore, as with previous versions of the Oracle Database, you will need to manually run this script to take advantage of this new feature.
There is an old version (verify_function) and a new version (verify_function_11G) of the password verification routine in utlpwdmg.sql. If you run the utlpwdmg.sql script, both copies of the password verification routine will be loaded into your database. The script also includes the ALTER PROFILE commands to update the default profile with the correct default profile settings. The default profile will be configured to use the verify_function_11G verification function and not the verify_function.
Password checks:
The following password checks occur in the verify_function_11G password verification function.
- The password must be a minimum of eight characters in length.
- The password must include one digit and one alpha character.
- Simple passwords will be rejected.
- The password cannot be the same as the username.
- The password cannot be the same length as the username.
- The password cannot be the username spelled backwards.
- The password cannot be the same as the server name or the server name with digits from 1 to 100 appended.