Oracle RAC, ASM, Exadata, Cloud, and More..: Password Enhancement

Passwords in Oracle Database 11g:

Are case-sensitive

Contain mutibyte characters without being enclosed in quotation marks

Use more secure hash algorithm

Use salt in the hash algorithm

By default:

Default password profile is enabled

Account is locked after 10 failed login attempts

To enable built-in Password Complexity checker

SQL> connect / as sysdba

Connected.

SQL> @?/rdbms/admin/utlpwdmg.sql

Function created.

Profile altered.

Function created.

SQL> show parameter sec_case_sensitive_

NAME TYPE VALUE

------------------------------------ ----------- ------------------------------

sec_case_sensitive_logon boolean FALSE

SQL> alter system set sec_case_sensitive_logon=TRUE;

You can set limits on the number of time an unauthorized user attempts to login by setting the parameter

SQL> alter system set sec_max_failed_login_attempts=3 scope=spfile;

Oracle RAC, ASM, Exadata, Cloud, and More..