Question about Password Verify Function
932890Apr 24 2012 — edited Apr 24 2012I was hoping someone could help me out. I'm not a dba but our company requires our system accounts have the minimum password length set to a minimum of 8. Our DBA added a password function to PASSWORD_VERIFY_FUNCTION in the profiles of these accounts to comply with the policy. However, my question is, at what point does PASSWORD_VERIFY_FUNCTION run? If the system account passwords are never changed and don't login to Oracle, would the function ever be enforced? For example, if the account "ex_system" had a password length of 4 and the PASSWORD_VERIFY_FUNCTION was added to its profile to run the fuction requiring a password of 8, at what point would the password for "ex_system" have to be changed?
Also, is there a way to manually check individual accounts to see if their current passwords comply with the minimum length policy?
Thanks!