zoukankan      html  css  js  c++  java
  • oracle 11g/12c 密码复杂度验证设置

    ###############################################################################

    ###### 11g ######

    ###############################################################################

    1、开启密码复杂度验证函数

    sqlplus / as sysdba

    @?/rdbms/admin/utlpwdmg.sql

    alter profile default limit password_life_time unlimited;

    ALTER PROFILE DEFAULT LIMIT FAILED_LOGIN_ATTEMPTS UNLIMITED;

    alter profile DEFAULT limit PASSWORD_LOCK_TIME UNLIMITED;

    alter profile DEFAULT limit PASSWORD_GRACE_TIME UNLIMITED;

    2、修改default profile的密码策略(实际上执行utlpwdmg.sql后自动修改PASSWORD_VERIFY_FUNCTION)

    alter profile default limit PASSWORD_VERIFY_FUNCTION VERIFY_FUNCTION;

    3、新建system profile

    create profile SYSTEM_PROFILE limit

    PASSWORD_LIFE_TIME 60

    PASSWORD_GRACE_TIME 90

    PASSWORD_REUSE_MAX 5

    PASSWORD_REUSE_TIME 60

    PASSWORD_VERIFY_FUNCTION VERIFY_FUNCTION;

    4、修改sys、system用户profile

    alter user sys profile SYSTEM_PROFILE;

    alter user system profile SYSTEM_PROFILE;

    5、验证

    set line 300

    col profile for a30

    col RESOURCE_NAME for a32

    col RESOURCE_TYPE for a13

    col LIMIT for a30

    col COMMON for a8

    SELECT * FROM dba_profiles order by profile;

    set line 300

    col username for a30

    col profile for a60

    SELECT username,PROFILE FROM dba_users order by created;

    ###############################################################################

    ###### 12c ######

    ###############################################################################

    1、开启密码复杂度验证函数(CDB和PDB都需要执行下面命令)

    sqlplus / as sysdba

    @?/rdbms/admin/utlpwdmg.sql

    alter profile default limit password_life_time unlimited;

    ALTER PROFILE DEFAULT LIMIT FAILED_LOGIN_ATTEMPTS UNLIMITED;

    alter profile DEFAULT limit PASSWORD_LOCK_TIME UNLIMITED;

    alter profile DEFAULT limit PASSWORD_GRACE_TIME UNLIMITED;

    2、修改default profile的密码策略(实际上执行utlpwdmg.sql后自动修改PASSWORD_VERIFY_FUNCTION)

    alter profile default limit PASSWORD_VERIFY_FUNCTION ora12c_verify_function;

    3、新建system profile(CDB执行)

    create profile C##_SYSTEM_PROFILE limit

    PASSWORD_LIFE_TIME 60

    PASSWORD_GRACE_TIME 90

    PASSWORD_REUSE_MAX 5

    PASSWORD_REUSE_TIME 60

    PASSWORD_VERIFY_FUNCTION ora12c_verify_function;

    4、修改sys、system用户profile(CDB执行)

    alter user sys profile C##_SYSTEM_PROFILE;

    alter user system profile C##_SYSTEM_PROFILE;

    5、验证(CDB和PDB都需要验证)

    set line 300

    col profile for a30

    col RESOURCE_NAME for a32

    col RESOURCE_TYPE for a13

    col LIMIT for a30

    col COMMON for a8

    SELECT * FROM dba_profiles where profile in ('DEFAULT','C##_SYSTEM_PROFILE') order by profile;

    set line 300

    col username for a30

    col profile for a60

    SELECT username,PROFILE FROM dba_users order by created;

    ora12c_verify_function:

    This function is the new 12c password verify function.

    It enforce a similar respectively slightly stronger password complexity as verify_function_11G.

    verify_function_11G just checked for DB_NAME or ORACLE with 1 to 100 attached. e.g. oracle1 or oracle83.

    With the new function DB_NAME or ORACLE may not be part of the password at all.

    The following is verified:

    Password at least 8 characters

    at least 1 letters

    at least 1 digits

    must not contain database name

    must not contain user name or reverse user name

    must not contain oracle

    must not be too simple like welcome1

    password must differ by at least 3 characters from the old password

    ora12c_strong_verify_function:

    This function is provided to give stronger password complexity.

    It considers recommendations of the Department of Defense Database (STIG) with the following limits.

    Password at least 9 characters

    at least 2 capital letters

    at least 2 small letters

    at least 2 digits

    at least 2 special characters

    password must differ by at least 4 characters from the old password

  • 相关阅读:
    scala安装使用-01
    Java基础知识强化103:Java常量池理解与总结
    C笔记01:关于printf函数输出先后顺序的讲解
    Android进阶笔记13:ListView篇之ListView刷新显示(全局 和 局部)
    Android进阶笔记12:ListView篇之图片优化
    MySQL(19):SQL语句(MySQL)大全
    Android 高级UI设计笔记09:Android实现无限滚动列表
    Android进阶笔记11:ListView篇之ListView性能优化
    1. Android 系统上一款开源的图表库
    Java基础知识强化之网络编程笔记25:Android网络通信之 Future接口介绍(Java程序执行超时)
  • 原文地址:https://www.cnblogs.com/kawashibara/p/9954512.html
Copyright © 2011-2022 走看看