- Oracle-Supplied Password Verification Functions
Oracle-Supplied Password Verification Functions
• Complexity verification checks that each password is complex enough to provide reasonable protection against intruders who try to break into the system by guessing passwords.
• You can create your own password verification functions.
• Oracle Database provides the following functions that you can create by executing the ut1pwdmg. sql
script:
° ORA12C_VERIFY _FUNCTION
° ORA12C_STRONG _VERIFY FUNCTION
° VERIFY_FUNCTION_11G
Note: this script does not create these functions
It is only script for Default Password Resource Limits
• The functions above must be owned by the sys user.
° Password complexity checking is not enforced for the SYS user.
It is catpvf.sql Which create these functions
- verify_function_11G Function Password Requirements
• The password contains no fewer than 8 characters and includes at least one numeric
and one alphabetic character.
• The password is not the same as the user name, nor is it the user name reversed
or with the numbers 1-100 appended.
• The password is not the same as the server name or the server name
with the numbers 1-100 appended.
• The password does not contain oracle
(for example, oracle with the numbers 1 - 100 appended).
• The password is not too simple
(for example, welcome, database, account1, user1234, password, oracle123, computer1,
abcdefg1, of change _on install).
• The password differs from the previous password by at least 3 characters.
The following internal check is also applied:
• The password does not contain the double-quotation character (").
However, it can be surrounded by double-quotation marks.
- ora12c_verify_function Function Password Requirements
• The password contains no fewer than 8 characters and includes at least one numeric
and one alphabetic character.
• The password is not the same as the user name or the user name reversed.
• The password is not the same as the database name.
• The password does not contain the word oracle (such as oracle123).
• The password differs from the previous password by at least 8 characters.
• The password contains at least 1 special character.
The following internal check is also applied:
• The password does not contain the double-quotation character (").
However, it can be surrounded by double-quotation marks.
- ora12c_strong_verify_function Function Password Requirements
• The password must contain at least 2 upper case characters, 2 lower case characters,
2 numeric characters, and 2 special characters. These special characters are as follows:
` ~ ! @3 $ % ^ ( ) _ - + = { } [ ] \ / < > , . ; ? ‘ : (space)
• The password must differ from the previous password by at least 4 characters.
The following internal check is also applied:
• The password does not contain the double-quotation character (").
It can be surrounded by double-quotation marks, however.