I really like this. If I forget my password, I go to the dba and he change it to a new one.For security reasons (so the dba would not know my password) he should flag it as expired, forcing me to change it the next time I log in into the database. With your policy, I get a day off because I can not change it in the same day.
Adar Yechiel Rechovot, Israel Michael Chan wrote:
Hi All,I'm being asked by my security officer that if I can put in control such that a database user can only change password once a day. i.e. the minimum life time of a password should be 1. Any suggestions/recommendations ? Thanks, PH Chan