Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Password management in v7.x
1.User able to change own password
A Oracle User Can always change his/her password. You can write a small script if you do not want the users to write the whole syntax 'SQL> alter user ... identified by ...'
2.Password expires after 30 days
Unlike Unix and other operating systems, Oracle Database has not been smart enough to allow such automatic enforcements. Its user profile option can force users to limited amount of idle time, tablespace quota etc. though. Depending on how your users connects to the database (either via a GUI client, or telnet) your solutions could be very different. Unluckily, you still have to depend on your home grown solutions, Oracle does not have one so far (I would love be informed otherwise).
3.Password not kept in clear form on database.
Passwords are NOT kept in clear form in the database (I suppose by 'clear' you mean 'not encrypted').
The encryption mechanism again is not as smart as a typical Unix system provides, but it is sufficient enough to protect a users password for short term, provided you ask the users to keep changing their passwords on a regular basis (your earlier points).
None of the solutions we created at one site were perfect fit for another, therefore, I could not get you a generic script. I would also like to see if anyone has more generic solution to this so universal a problem.
Umesh Tiwari
Ameritech Corprate Center
Hoffman Estates,Illinois
-------------------==== Posted via Deja News ====----------------------- http://www.dejanews.com/ Search, Read, Post to UsenetReceived on Thu Nov 13 1997 - 00:00:00 CST