Passwords in Oracle Database 11g:
Are case-sensitive
Contain mutibyte characters without being enclosed in quotation marks
Use more secure hash algorithm
Use salt in the hash algorithm
By default:
Default password profile is enabled
Account is locked after 10 failed login attempts
To enable built-in Password Complexity checker
SQL> connect / as sysdba
Connected.
SQL> @?/rdbms/admin/utlpwdmg.sql
Function created.
Profile altered.
Function created.
SQL> show parameter sec_case_sensitive_
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
sec_case_sensitive_logon boolean FALSE
SQL> alter system set sec_case_sensitive_logon=TRUE;
You can set limits on the number of time an unauthorized user attempts to login by setting the parameter
SQL> alter system set sec_max_failed_login_attempts=3 scope=spfile;
No comments:
Post a Comment