如何配置 Oracle 11g 复杂密码校验设置
----查看缺省profile 中 密码相关的参数配置信息
SQL> SELECT profile,resource_type,resource_name,limit FROM dba_profiles WHERE resource_type='PASSWORD' AND profile='DEFAULT';
PROFILE RESOURCE RESOURCE_NAME LIMIT
------------------------------ -------- -------------------------------- ----------------------------------------
DEFAULT PASSWORD FAILED_LOGIN_ATTEMPTS 10
DEFAULT PASSWORD PASSWORD_LIFE_TIME UNLIMITED
DEFAULT PASSWORD PASSWORD_REUSE_TIME UNLIMITED
DEFAULT PASSWORD PASSWORD_REUSE_MAX UNLIMITED
DEFAULT PASSWORD PASSWORD_VERIFY_FUNCTION NULL
DEFAULT PASSWORD PASSWORD_LOCK_TIME 1
DEFAULT PASSWORD PASSWORD_GRACE_TIME 7
7 rows selected.
-----调用Oracle 的脚本生成密码校验函数
SQL> @?/rdbms/admin/utlpwdmg.sql
Function created.
Profile altered.
Function created.
再次查看配置结果:
SQL> SELECT profile,resource_type,resource_name,limit FROM dba_profiles WHERE resource_type='PASSWORD' AND profile='DEFAULT';
PROFILE RESOURCE RESOURCE_NAME LIMIT
------------------------------ -------- -------------------------------- ----------------------------------------
DEFAULT PASSWORD FAILED_LOGIN_ATTEMPTS 10
DEFAULT PASSWORD PASSWORD_LIFE_TIME 180
DEFAULT PASSWORD PASSWORD_REUSE_TIME UNLIMITED
DEFAULT PASSWORD PASSWORD_REUSE_MAX UNLIMITED
DEFAULT PASSWORD PASSWORD_VERIFY_FUNCTION VERIFY_FUNCTION_11G------新生成的函数
DEFAULT PASSWORD PASSWORD_LOCK_TIME 1
DEFAULT PASSWORD PASSWORD_GRACE_TIME 7
7 rows selected.
-----如何修改profile 中配置参数:
alter profile DEFAULT limit PASSWORD_REUSE_MAX 5;
SQL> SELECT profile,resource_type,resource_name,limit FROM dba_profiles WHERE resource_type='PASSWORD' AND profile='DEFAULT';
PROFILE RESOURCE_TYPE RESOURCE_NAME LIMIT
--------- ---------------- ---------------------------------------------------------------- --------------------------------------------------------------------------------
DEFAULT PASSWORD FAILED_LOGIN_ATTEMPTS 10
DEFAULT PASSWORD PASSWORD_LIFE_TIME 180
DEFAULT PASSWORD PASSWORD_REUSE_TIME UNLIMITED
DEFAULT PASSWORD PASSWORD_REUSE_MAX 5
DEFAULT PASSWORD PASSWORD_VERIFY_FUNCTION VERIFY_FUNCTION_11G
DEFAULT PASSWORD PASSWORD_LOCK_TIME 1
DEFAULT PASSWORD PASSWORD_GRACE_TIME 7
7 rows selected.
-----将password_ruse_max 改成unlimited
SQL> alter profile DEFAULT limit PASSWORD_REUSE_MAX UNLIMITED;
Profile altered.
SQL> SELECT profile,resource_type,resource_name,limit FROM dba_profiles WHERE resource_type='PASSWORD' AND profile='DEFAULT';
PROFILE RESOURCE_TYPE RESOURCE_NAME LIMIT
--------- ---------------- ---------------------------------------------------------------- --------------------------------------------------------------------------------
DEFAULT PASSWORD FAILED_LOGIN_ATTEMPTS 10
DEFAULT PASSWORD PASSWORD_LIFE_TIME 180
DEFAULT PASSWORD PASSWORD_REUSE_TIME UNLIMITED
DEFAULT PASSWORD PASSWORD_REUSE_MAX UNLIMITED
DEFAULT PASSWORD PASSWORD_VERIFY_FUNCTION VERIFY_FUNCTION_11G
DEFAULT PASSWORD PASSWORD_LOCK_TIME 1
DEFAULT PASSWORD PASSWORD_GRACE_TIME 7
7 rows selected.