본문 바로가기
Database/Oracle

74 - [Oracle 19C] Password Parameters

unsungIT 2023. 12. 7. 08:38

 

 

Password Parameters

 

1. Account locking

 

Account locking enables automatic locking of accounts for a set duration when users fail to log in to the system in the specified number of attempts or when accounts sit inactive for a pre-defined number of days (meaning, users have not attempted to log in to their accounts).

We can configure the following parameters

• FAILED _LOGIN ATTEMPTS specifies the number of failed login attempts before the lockout of the account.
• PASSWORD LOCK_TIME specifies the number of days for which the account is locked after the specified number of failed login attempts.
• INACTIVE_ACCOUNT_TIME specifies the number of days an account can be inactive before it is locked.

 

 

 

2. Password aging and expiration

 

Password aging and expiration enables user passwords to have a lifetime, after which the passwords expire and must be changed.

We can configure the following parameters

• PASSWORD _LIFE_TIME determines the lifetime of the password in days, after which the password expires.
• PASSWORD GRACE_TIME specifies a grace period in days for changing the password after the first successful
login after the password has expired.

 

 

 

3. Password history

 

Password history checks the new password to ensure that the password is not reused for a specified amount of time or a specified number of password changes.

We can configure the following parameters

• PASSWORD_REUSE_TIME specifies that a user cannot reuse a password for a given number of days.
• PASSWORD
REUSE MAX specifies the number of password changes that are required before the current password can be reused.
• PASSWORD_VERIFY_FUNCTION checks for password complexity for the sys user.

 

 

 

4. Password complexity verification

 

Password complexity verification makes a complexity check on the password to verify that it meets certain rules.

We control this by parameter :PASSWORD_VERIFY_FUNCTION

• It is PL/SQL function that perform password complexity check
• This function owned by user SYS
• It must return Boolean ( true or false)
• A model verification function is provided in script called "ut1pwdmg. sql".

"ut1pwdmg. sql" - $SORACLE_HOME/rdbms/admin

 

 

 

 

 

 

'Database > Oracle' 카테고리의 다른 글

76 - [Oracle 19C] Resource Parameters  (0) 2023.12.08
75 - [Oracle 19C] Oracle - Password Verification Functions  (0) 2023.12.07
73 - [Oracle 19C] User profile  (0) 2023.12.07
72 - [Oracle 19C] System privileges with admin option.  (1) 2023.12.07
71 - [Oracle 19C] Role granted another role  (0) 2023.12.06

'Database/Oracle' Related Articles

티스토리툴바