Password expiry policy
755678May 18 2010 — edited May 18 2010Hi,
I am working on a 92080 database running on HP Unix (B.11.11).
I have some doubts regarding my password policies. My client wants to know these information and I need to reply them back. Please let me know how do I find them out?
1. Password Expiry : Does the passwords of individual oracle accounts are set to expire after every 90 days?
2. Password Strength: Does the passwords of individual oracle accounts have a minimum length of 7 characters? Do they require both numeric and alphanumeric characters in them?
3. I want to audit one particular table in a database. i.e, whoever has accessed that particular table, I would want to get a report. How do I audit this?
When I checked dba_profiles, I found this profile which has been assigned to all application users.
NONEXPIRY_PROFILE COMPOSITE_LIMIT KERNEL UNLIMITED
NONEXPIRY_PROFILE SESSIONS_PER_USER KERNEL UNLIMITED
NONEXPIRY_PROFILE CPU_PER_SESSION KERNEL UNLIMITED
NONEXPIRY_PROFILE CPU_PER_CALL KERNEL UNLIMITED
NONEXPIRY_PROFILE LOGICAL_READS_PER_SESSION KERNEL UNLIMITED
NONEXPIRY_PROFILE LOGICAL_READS_PER_CALL KERNEL UNLIMITED
NONEXPIRY_PROFILE IDLE_TIME KERNEL UNLIMITED
NONEXPIRY_PROFILE CONNECT_TIME KERNEL UNLIMITED
NONEXPIRY_PROFILE PRIVATE_SGA KERNEL UNLIMITED
NONEXPIRY_PROFILE FAILED_LOGIN_ATTEMPTS PASSWORD 5
NONEXPIRY_PROFILE PASSWORD_LIFE_TIME PASSWORD UNLIMITED
NONEXPIRY_PROFILE PASSWORD_REUSE_TIME PASSWORD 365
NONEXPIRY_PROFILE PASSWORD_REUSE_MAX PASSWORD UNLIMITED
NONEXPIRY_PROFILE PASSWORD_VERIFY_FUNCTION PASSWORD VERIFY_STRONG
NONEXPIRY_PROFILE PASSWORD_LOCK_TIME PASSWORD 1
NONEXPIRY_PROFILE PASSWORD_GRACE_TIME PASSWORD 3
Please help me out on this as I am new to DB administration.
Thanks!