Password policies are a set of rules that apply to all user passwords in an identity management realm. Password policies include settings for password complexity, minimum password length, and the like. They also include account lockout and password expiration settings.
A password policy entry is defined in Oracle Internet Directory for every identity management realm. Password policies in Oracle Internet Directory are standard Oracle Internet Directory entries that can be used by Oracle Database for Enterprise User Security.
Oracle Internet Directory ensures that all enterprise user passwords meet the rules specified in the password policy entry for the realm. The database communicates with Oracle Internet Directory when authenticating an enterprise user. It requests Oracle Internet Directory to report any password policy violations. If the database gets a policy violation response from Oracle Internet Directory, then it flashes the appropriate warning or error message to the user.
The database reports the following events:
It flashes a warning when the user password is about to expire and displays the number of days left for the user to change his or her password.
It flashes a warning when the password has expired and informs the user about the number of grace logins that remain.
It displays an error when the user password has expired and the user does not have any grace logins left.
It displays an error when the user account has been locked due to repeated failed attempts at login.
Note:
For Enterprise SYSDBA users, the failed login count is enabled and is updated whether the database is up or down.
It displays an error if the user account has been disabled by the administrator.
It displays an error if the user account is inactive.
Enterprise user login attempts to the database, update the user account status in Oracle Internet Directory. For example, consecutive failed login attempts to the database results in the account getting locked in the directory, as per the directory's password policy.
See Also:
Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory for detailed information on password policies and their management