Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: password change control

RE: password change control

From: Smith, Steven K - MSHA <Smith.Steven_at_DOL.GOV>
Date: Thu, 9 Nov 2006 09:39:58 -0700
Message-ID: <A49A36C009B8884C9246B36A0DA7923F04B4F01E@msha-lak-exmb01.msha.dir.labor.gov>


All you need to do is modify the profile assigned to the users. Set the minimum time allowed before reusing the password..  

I believe that the parameter is PASSWORD_REUSE_TIME.  

ALTER PROFILE default LIMIT password_lifetime 2;    

Steve Smith

Envision Technology Partners / MSHA MSIS Team

Desk: 303-231-5499    

-----Original Message-----
From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Michael Chan
Sent: Thursday, November 09, 2006 9:29 AM To: MacGregor, Ian A.
Cc: oracle-l_at_freelists.org
Subject: Re: password change control

Thanks all for the reply. I know the direction to address the issue.  

My security officer is trying to address the following scenario. Users are forced to change their password due to expiration and they cannot change it back to the original one from the interim one on the same day.  

They copy this concept from some Unix platform like AIX.  

Regards,  

PH Chan  

On 11/9/06, MacGregor, Ian A. <ian_at_slac.stanford.edu> wrote:

I'm curious as to why your security officer would proscribe changing a password more than once a day. However, you could write a verify_function which looks at the ptime field is user$.

Ian MacGregor

-----Original Message-----

From: oracle-l-bounce_at_freelists.org

[mailto:oracle-l-bounce_at_freelists.org

<mailto:oracle-l-bounce_at_freelists.org> ] On Behalf Of Michael Chan Sent: Thursday, November 09, 2006 6:29 AM To: oracle-l_at_freelists.org
Subject: password change control

Hi All,

I'm being asked by my security officer that if I can put in control such that a database user can only change password once a day. i.e. the minimum life time of a password should be 1.

Any suggestions/recommendations ?

Thanks,

PH Chan

--
http://www.freelists.org/webpage/oracle-l
Received on Thu Nov 09 2006 - 10:39:58 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US