Results 1 to 2 of 2

Thread: PWD profile

  1. #1
    Join Date
    Mar 2005
    Posts
    52

    Unanswered: PWD profile

    Hi,

    I've kept keep PASSWORD_REUSE_MAX=1 password. but it did not allow me to use the same old pwd after 2nd or 3rd .. attempt. it keep telling me
    "ORA 28007 Password can not be changed" can any one suggest what limit do I need to change so old pwd can be used after 1 time



    here is the prfile limits

    PROFILE RESOURCE_NAME LIMIT
    ------------------------------ -------------------------------- -----------
    PWD COMPOSITE_LIMIT DEFAULT
    PWD FAILED_LOGIN_ATTEMPTS UNLIMITED
    PWD CPU_PER_SESSION UNLIMITED
    PWD PRIVATE_SGA DEFAULT
    PWD CONNECT_TIME DEFAULT
    PWD PASSWORD_GRACE_TIME UNLIMITED
    PWD IDLE_TIME DEFAULT
    PWD PASSWORD_LOCK_TIME UNLIMITED
    PWD LOGICAL_READS_PER_CALL DEFAULT
    PWD PASSWORD_VERIFY_FUNCTION VERIFY_FUNCTION
    PWD LOGICAL_READS_PER_SESSION DEFAULT
    PWD PASSWORD_REUSE_MAX 1
    PWD CPU_PER_CALL UNLIMITED
    PWD PASSWORD_REUSE_TIME UNLIMITED
    PWD PASSWORD_LIFE_TIME 60
    PWD SESSIONS_PER_USER DEFAULT

  2. #2
    Join Date
    May 2006
    Posts
    132
    In normal Oracle fashion, the documentation is wrong. If the PASSWORD_REUSE_TIME is set to UNLIMITED while you have the PASSWORD_REUSE_MAX set to an integer value, then the user will never be able to reuse a password.

    Therefore, you should actually set the PASSWORD_REUSE_TIME to a low value. For example:

    Code:
    SQL> alter profile default limit PASSWORD_REUSE_TIME 0.0002;
    
    Profile altered.
    
    SQL> select resource_name, limit from dba_profiles
      2  where resource_type = 'PASSWORD';
    
    RESOURCE_NAME                    LIMIT
    -------------------------------- ---------------------------------
    FAILED_LOGIN_ATTEMPTS            UNLIMITED
    PASSWORD_LIFE_TIME               UNLIMITED
    PASSWORD_REUSE_TIME              .0001
    PASSWORD_REUSE_MAX               1
    PASSWORD_VERIFY_FUNCTION         NULL
    PASSWORD_LOCK_TIME               UNLIMITED
    PASSWORD_GRACE_TIME              UNLIMITED
    
    7 rows selected.
    This will allow a user to reuse a password after about 15 seconds.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •