Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: password complexity -- implementing security changes

RE: password complexity -- implementing security changes

From: Potluri, Venu (GTI) <venu_potluri_at_ml.com>
Date: Fri, 3 Mar 2006 09:59:41 -0500
Message-ID: <F65245818C52764E83192CFDA540095A07E8264D@mlnyb705mb.amrs.win.ml.com>


You can use the verify_function and create password complexity. In our environments, we require users to reset passwords every 90 days. The password needs to have a capital letter, a number, etc. I have created a utility which will change password and send email to the person that owns the account automatically. It is simple enough for helpdesk to use to accomplish password reset or unlock. The user also gets prompts to change password themselves starting 14 days prior to expiration. All of this can be accomplished with the verify_function and assigning a custom profile to the database accounts. Of course, the helpdesk need not get involved at all if the users can be coddled to change password 14 days prior to expiration.

-----Original Message-----

From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of rjamya Sent: Friday, March 03, 2006 9:46 AM
To: wbfergus_at_usgs.gov
Cc: oracle-l_at_freelists.org
Subject: Re: password complexity -- implementing security changes

Our corporate security requirements state that passwords must be changed every 60 days for user accounts. So, we wrote a stored procedure that changes user password given a userid. Then wrote a small perl script that can be called by guys in Data Center.

when a user calls, they verify it is the right user, call a perl program that changes the password to a temp one and give it to the user on the phone, never in the email.

Also our application tracks this and starts reminding suer 7 days before the password expiration.

Works fine, the data center doesn't get too many phone calls, everyone is happy.

Raj



Got RAC?
--

http://www.freelists.org/webpage/oracle-l

If you are not an intended recipient of this e-mail, please notify the sender, delete it and do not read, act upon, print, disclose, copy, retain or redistribute it. Click here for important additional terms relating to this e-mail. http://www.ml.com/email_terms/



--

http://www.freelists.org/webpage/oracle-l Received on Fri Mar 03 2006 - 08:59:41 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US