Re: How to disable password checking for a profile?

"Peter" <peter_at_nomorenewsspammin.ca> wrote in message news:2td7dvkjvj562bq2dvesu7n4b3apuun46m_at_4ax.com...

>
> The default value for PASSWORD_VERIFY_FUNCTION is VERIFY_FUNCTION.
> What does that really mean?
>
> Thanks

There's an awful lot of questions coming from your direction which could actually be resolved merely by reading the relevant documentation. You have visited http://tahiti.oracle.com, I hope.... But...

In the first place, you're wrong. The default value for everything in the DEFAULT profile is 'unlimited' or its equivalent. In this specific case, the default value is for PASSWORD_VERIFY_FUNCTION not to have a value at all, meaning that password complexity checking is not performed at all.

But Oracle thoughtfully provides a script, called utlpwdmg.sql, in $ORACLE_HOME/rdbms/admin which, if run as SYS, will create a PL/SQL function called 'verify_function' to be created.

That function checks that proposed passwords are at least 4 characters long, aren't one of a list of simple words, isn't the same as the user name, and contains at least one alpha, one numeric and one punctuation character.

By then setting P_V_F to be equal to the name of this function, you are saying that any user who is allocated the profile in which this limit is set to this value will be subject to these constraints when they next try and change their password.

You can edit utlpwdmg.sql, by the way... I, for example, prefer passwords to be a minimum of 6 characters long, and I don't like enforcing punctuation marks in passwords. So feel free to hack the script around (or rather, hack a copy of it around) until it does checks that you like. You can also change the name of the function to something that makes more sense to you (I usually change mine to 'COMPLEX_CHECK', which means I then create my profiles with PASSWORD_VERIFY_FUNCTION COMPLEX_CHECK.

Regards
HJR Received on Tue May 27 2003 - 14:52:01 CDT