| PASSWORD_REUSE_TIME versus PASSWORD_REUSE_MAX [message #213942] |
Fri, 12 January 2007 21:48  |
mick_vey
Messages: 1
Registered: January 2007
|
Junior Member |
|
|
I've done extensive research on the difference between these two parameters. However, the question I have is this...if you choose to use the password_reuse_max parameter instead of the password_reuse_time parameter, is there a minimum password age that would prevent someone from quickly cycling through the reuse_max limit and returning to the original password? It just makes more sense to me from a security standpoint to use the password_reuse_time parameter because it has the password uniqueness AND minimum password age built in, which would prevent this from happening.
Contrary to what a lot of the Oracle documentation says regarding the parameters being mutually exclusive, I've also heard that you can use them in conjunction with each other.
I've also heard that v8 behaves differently than v9 and v10 with respect to these particular parameters, but I'm not sure how. Thanks!
|
|
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
