| Oracle Password Complexity setup [message #670309] |
Mon, 25 June 2018 23:40  |
morad_dba
Messages: 93
Registered: June 2008
|
Member |
|
|
Dear all,
We have to configure Password Complexity rules that is
" Users shall not be allowed to change their password within one (1) day;"
How to set it in oracle database?
Regards,
Morad Hossen.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Re: Oracle Password Complexity setup [message #670357 is a reply to message #670354] |
Thu, 28 June 2018 09:25  |
morad_dba
Messages: 93
Registered: June 2008
|
Member |
|
|
Dear All,
I did not get any parameter or mechanism to restrict a db user to change password of the same password reset/create day in the link prescribed by Michel Cadot .
Suppose: SQL> Create user hypo identified by hypo;
and on the same day --- sqlplus hypo/hypo
SQL> ALTER USER hypo identified by hypo1; (This statement should be failed)
Please give us idea how to implement this concept.
[Updated on: Thu, 28 June 2018 09:28] Report message to a moderator |
|
|
|
|
|
|
|
|
|
| Re: Oracle Password Complexity setup [message #670381 is a reply to message #670379] |
Fri, 29 June 2018 08:58 |
cookiemonster
Messages: 13961
Registered: September 2008
Location: Rainy Manchester
|
Senior Member |
|
|
No it doesn't.
You need one of two dates for password expiry - set date and expiry date.
If you just store set date then expiry date is changed as soon as the lifetime is changed
If you just store expiry then change in lifetime only comes into to play when you reset the password (which is the behaviour in oracle)
dba_users holds expiry_date.
Turns out oracle does hold set date as well but it definitely didn't need to for it's implementation of password lifetime.
|
|
|
|
|
|
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
