Oracle Database Asset Protection Standards:: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
Oracle can manage passwords through profiles. Some of the things that one can restrict:<br> | |||
<br> | |||
:'''FAILED_LOGIN_ATTEMPTS''' - failed login attempts before the account is locked.<br> | |||
:'''PASSWORD_LIFE_TIME''' - limits the number of days the same password can be used for authentication.<br> | |||
:'''PASSWORD_REUSE_TIME''' - number of days before a password can be reused.<br> | |||
:'''PASSWORD_REUSE_MAX''' - number of password changes required before the current password can be reused.<br> | |||
:'''PASSWORD_LOCK_TIME''' - number of days an account will be locked after maximum failed login attempts.<br> | |||
:'''PASSWORD_GRACE_TIME''' - number of days after the grace period begins during which a warning is issued and login is allowed.<br> | |||
:'''PASSWORD_VERIFY_FUNCTION''' - password complexity verification script.<br> | |||
<br> | |||
You should specify a profile when you create a user. A profile is a set of limits on database resources and password access to the database. If no profile is specified, the user is assigned a default profile.<br> | |||
<br> | |||
Complex password enforcement script example. [[Media:PASSWORD_FUNCTION.doc]]<br> | Complex password enforcement script example. [[Media:PASSWORD_FUNCTION.doc]]<br> | ||
<br> | |||
--[[User:Mdpeters|Mdpeters]] 10:36, 16 November 2006 (EST) | --[[User:Mdpeters|Mdpeters]] 10:36, 16 November 2006 (EST) | ||
Revision as of 15:42, 16 November 2006
Oracle can manage passwords through profiles. Some of the things that one can restrict:
- FAILED_LOGIN_ATTEMPTS - failed login attempts before the account is locked.
- PASSWORD_LIFE_TIME - limits the number of days the same password can be used for authentication.
- PASSWORD_REUSE_TIME - number of days before a password can be reused.
- PASSWORD_REUSE_MAX - number of password changes required before the current password can be reused.
- PASSWORD_LOCK_TIME - number of days an account will be locked after maximum failed login attempts.
- PASSWORD_GRACE_TIME - number of days after the grace period begins during which a warning is issued and login is allowed.
- PASSWORD_VERIFY_FUNCTION - password complexity verification script.
You should specify a profile when you create a user. A profile is a set of limits on database resources and password access to the database. If no profile is specified, the user is assigned a default profile.
Complex password enforcement script example. Media:PASSWORD_FUNCTION.doc
--Mdpeters 10:36, 16 November 2006 (EST)