Normally the Passwords are very sensitive and should be protected and prevented from changing by the users.It is trivial but this is what i found from the net and how i deployed in oracle
REM CONNECT AS SYSDBA
CREATE OR REPLACE FUNCTION verify_function_pwd_nochange (username VARCHAR2, password VARCHAR2, old_password VARCHAR2)
RETURN boolean
ISBEGIN
raise_application_error(-20900, 'SORRY, PASSWORD CANNOT BE CHANGED') ;
END ;
/
drop profile pass_profile cascade;
create profile pass_profile limitfailed_login_attempts unlimited;
alter profile pass_profile limitpassword_verify_function verify_function_pwd_nochange;
alter user system profile pass_profile;
Once the above command is executed the SYSTEM user password cannot be changed..
Drawback
but if you have a user who has dba privilege then he can drop the profile
Comments are welcome
Maran
Support Singapore
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment