Using user profiles to enforce password policies
A user profile controls user password policies and resource control. Every user has an allocated profile.
The DEFAULT
profile will be assigned if another profile is not specified for a user. It is recommended that you use your own custom profiles to enforce password aging policies, strong passwords, and resource utilization. In this recipe, we will create a customized profile named CUSTPROF
that establishes a strong password policy through the use of password related profile resources and the use of a password verification function.
Getting ready
All the steps will be performed on the HACKDB
database.
How to do it...
The profile CUSTPROF
will be assigned to the HR
user in the following steps:
Create a new profile named
CUSTPROF
using the following statement:SQL> create profile custprof limit password_reuse_max 15; Profile created.
To find information about the profile
CUSTPROF
, issue the following query:SQL> select PROFILE,RESOURCE_NAME...