Database Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

FAILED_LOGIN_ATTEMPTS & PASSWORD_LOCK_TIME occurs twice in an hour.

user303350Jun 18 2012 — edited Apr 26 2013

Hello,

I need some assistance on a security requirement.

Our security admin would like the following:

User Account must lock after three failed attempts and remain locked for 15 minutes or be reset by an administrator. If four lock-outs occur back to back in one (1) hour, the account must lock and remain locked until unlocked by an administrator.

Has anyone tried to do this with Oracle users?

I'm aware of the profile setting FAILED_LOGIN_ATTEMPTS and PASSWORD_LOCK_TIME.
I'm just not sure how to lock the account after second lockout occurs in the same hour. The only way I can think of doing this is with some custom code that checks for this type of occurrence.

Thanks,
Shawn

Locked Post

New comments cannot be posted to this locked post.

Locked on May 24 2013

Added on Jun 18 2012

#database-security, #database-security-general

2 comments

6,591 views