Password Protection in Oracle 11g
Should your Oracle database password policy be restricted?
This article shows how you can use Oracle's built-in password
protections to enforce strong and secure passwords.
1. Enforced case sensitivity for passwords: In Oracle 11g, you can
enable or disable password case sensitivity. To control the use of case
sensitivity in passwords, set the SEC_CASE_SENSITIVE_LOGON
initialization parameter. Only users who have the ALTER SYSTEM
privilege can set the SEC_CASE_SENSITIVE_LOGON parameter. Set it to
TRUE to enable case sensitivity or FALSE to disable case sensitivity.
The statement below enables case sensitivity.
ALTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON = TRUE;
2. Password complexity checking: Keeping passwords complex enough
provides reasonable protection against intruders who try to break into the system
by guessing passwords. Never use a dictionary-based password. In Oracle 11g, you
can force users to create strong, secure passwords for database user accounts.
Oracle provides a sample password verification function in the PL/SQL script
called UTLPWDMG.SQL (located in
$ORACLE_BASE/ORACLE_HOME/RDBMS/ADMIN).
The UTLPWDMG.SQL script checks for the following requirements
when users create or modify passwords:
- The password contains at least eight characters and does not exceed 30
characters.
- The password is not the same as the user name.
- The password is not the same as the server name.
- The password is not based on common dictionary words, for example,
welcome1, database1, account1,
user1234, password1, oracle,
oracle123, computer1, abcdefg1, or
change_on_install.
- The password includes at least 1 numeric and 1 alphabetic character.
- The password differs from the previous password by at least 3 letters.
In the next few articles, I will explain a few more points
on password case sensitivity, so stay tuned for more information.
Ref: Oracle® Database Security Guide 11g Release 1 (11.1)