Re: Password routine
- From: "Niall Litchfield" <niall.litchfield@xxxxxxxxx>
- To: Michael.Kline@xxxxxxxxxxxx
- Date: Fri, 4 Aug 2006 14:15:44 +0100
On 8/4/06, Kline.Michael <Michael.Kline@xxxxxxxxxxxx> wrote:
Audit has said: "Modify Oracle's password complexity verification
routine script (utlpwdmg.sql), and allow password changes only if the
current password has been active for more than 2 days."
ah Audit has spoken. I assume that your organisations general password
policy is not to allow a change if the password was previously changed in
the last 2 days, and that this is just playing catchup? The reason I ask is
that it seems odd to me. I can't imagine how many times I've changed a
password prior to 8am one morning because I was asked to, had to fight
complexity requirements - got it changed and then been unable to recall it
the following morning. At least in your organisation I could go home and
bill the lost day to audit.
I think I heard 10G works with active directory, maybe even RACF, and if
that was in place, this would be a non issue.
what do you mean by works with? If its just a matter of authenticating
windows users you can do this in , at least. 9i upwards.
--
Niall Litchfield
Oracle DBA
http://www.orawin.info
Other related posts:
