years, many operating systems have supported the ability to define
password composition, complexity, aging, expiration, history, and
account locking. With past releases, Oracle has lagged behind. But
with the advent of Oracle8, these features have now become available
in an Oracle database. All the password functions mentioned here are
defined using the CREATE PROFILE statement, as shown in the previous
section. To enable password management in your Oracle system, the
script must be run as sys
from the sysmgr account. This script can be found in:
$ORACLE_HOME/rdbms/admindirectory on a UNIX system
$ORACLE_HOME/rdbms/admindirectory on a Windows NT system
$ORACLE_HOME:[rdbms]directory on an OpenVMS system
First, let’s examine what each of these features lets the DBA accomplish.
Password Composition and Complexity
Oracle’s password composition and complexity features enable the DBA to describe how a password must look (its physical composition). Oracle’s new complexity verification mechanism checks each password to ensure that it is complex enough to provide reasonable protection from someone who might be trying to guess a password to break into the database. Since the complexity verification is provided by Oracle through a PL/SQL function, you can add even more complexity to the default mechanism by writing your own function. The function must be owned by sys in order to perform properly.
The basic rules enforced by the default PL/SQL ...