Oracle 11g: Password expired, account locked – unwanted!

Hi,

it’s old news, but oracle 11g expires passwords after 180 days, and locks you out if you mistype your password 10 times, and most DBAs don’t like that. It’s unsecure, but for client-server-applications a locked account is no single-user-annoyance, it’s a downtime killing SLAs, nerves and – hopefully not – DBA jobs. So just make your DEFAULT user profile less secure:

select * from dba_profiles where resource_type='PASSWORD' \
  order by resource_name;
alter profile DEFAULT limit FAILED_LOGIN_ATTEMPTS UNLIMITED;
alter profile DEFAULT limit PASSWORD_LIFE_TIME UNLIMITED;
select * from dba_profiles where resource_type='PASSWORD' \
  order by resource_name;

Be careful
Usn




You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply