5
Sep

Enforcing password complexity for database users

It is recommended to enforce checks and response actions for failed logins, password complexity, password expiration and password reuse.
 
Password complexity can be implemented through profiles.
 
The script for password management implementation utlpwdmg.sql can be used to create a new function to verify password complexity rules.
 
Verify Function is a quick and easy way to enforce quality of database passwords—for example, they should contain a certain number of characters, should not be identical to the username, and so on.
 
By executing this script utlpwdmg.sql, it will attach the function to the profile DEFAULT, which is the default profile for all users.
 

The following password complexity is set with the 'utlpwdmg.sql' script.
 

  • Password length less than 8
  • Password same as or similar to user
  • Password same as username reversed
  • Password same as or similar to server name
  • Password too simple
  • Password must contain at least one digit, one character
  • Password must contain at least one digit, and one character
  • Password should differ from the old password by at least 3 characters
  • Read more...

    Back to Top