To many people, passwords are a necessary evil; to others, they are just a waste of time. No matter what camp you're in, over time the technical world has developed several basic processes that seem to work very well. These are password aging, account locking, password complexity, and password history. Password AgingThe password aging parameter is set in the user 's profile. (We'll be discussing profiles shortly.) It refers to the length of time before a password expires . Account LockingAccount locking consists of two parameters that are set in the user's profile:
Password ComplexityAlthough Oracle provides a minimum set of criteria, some shops create their own scripts to force things like upper and lowercase, a minimum number of numerics, or a special character. Such customized routines are included in CREATE/ALTER PROFILE statements. All of the nuances in the criteria that are developed for passwords are referred to collectively as password complexity . Password HistoryAnother profile parameter ” password history ”specifies how many times a password must be changed before a particular password can be used again. |