Re: 11g password complexity
- From: kathryn axelrod <kat.axe@xxxxxxxxx>
- To: lyallbarbour@xxxxxxxxxxxxxxx
- Date: Tue, 27 Apr 2010 13:15:29 -0700
Hmm..Maybe that's it - some apps/scripts had issues with passwords that
contained symbols so Oracle removed the requirement. If that were the case,
I would think Oracle would have done so before 11g, but...maybe not :)
Either way, sounds like a good theory to me! Thanks Lyall.
On Tue, Apr 27, 2010 at 1:02 PM, <lyallbarbour@xxxxxxxxxxxxxxx> wrote:
> We had a problem with... the @ symbol, i think. One of the punctuations
> for passwords when a user would fire off an Oracle Report. Maybe that is
> one of the reasons...
> Lyall
>
> -----Original Message-----
> From: kathryn axelrod <kat.axe@xxxxxxxxx>
> To: oracle-l@xxxxxxxxxxxxx
> Sent: Tue, Apr 27, 2010 2:59 pm
> Subject: 11g password complexity
>
> Hi all,
>
> The basic utlpwdmg.sql script was modified for 11g and as one would expect,
> it contains more complexity checks than prior versions. However, there also
> seems to be a surprising decrease in complexity requirements:
> In prior versions, it required "at least one digit, one character and one
> punctuation". The 11g version requires "at least one digit, one character".
>
> Does anyone know why they removed the 'punctuation' requirement? I of
> course can code this in myself if desired but am nonetheless surprised that
> it would have been removed in the first place. I would think as the versions
> progress, the basic security requirements would become more stringent, not
> less.
>
> Thanks,
> -kathryn
>
>
Other related posts:
