Add a rule for password complexity in Oracle Database

Leave a reply

Enforce password complexity for Oracle Database

We force the user to have a complex password. We will move by creating the password verification function. It adds to the Oracle Profile of the database.

@?\rdbms\admin\utlpwdmg.sql

Script will create the default password verification function in your database. For 12c, sys.ora12c_verify_function and sys.ora12c_strong_verify_function created by script.

Now we need to alter our profile to use the password verification function to enforce the password complexity on Oracle Database users:

alter profile default limit  password_verify_function ora12c_strong_verify_function;

Example of creating a user with a password

create user username identified by password;
error:
ORA-28003: password verification for the specified password failed.
ORA-20001: Password length less than 9

-- Take more complex password will create the user with password.
create user username identified by pa##W0rd4599;

Reset the Password Verify function in the Default profile:

alter profile default limit password_verify_function null;

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.