Re: 11g password complexity

  • From: lyallbarbour@xxxxxxxxxxxxxxx
  • To: oracle-l@xxxxxxxxxxxxx
  • Date: Tue, 27 Apr 2010 16:02:14 -0400

We had a problem with... the @ symbol, i think.  One of the punctuations for 
passwords when a user would fire off an Oracle Report.  Maybe that is one of 
the reasons...

-----Original Message-----
From: kathryn axelrod <kat.axe@xxxxxxxxx>
To: oracle-l@xxxxxxxxxxxxx
Sent: Tue, Apr 27, 2010 2:59 pm
Subject: 11g password complexity

Hi all,

The basic utlpwdmg.sql script was modified for 11g and as one would expect, it 
contains more complexity checks than prior versions. However, there also seems 
to be a surprising decrease in complexity requirements:
In prior versions, it required "at least one digit, one character and one 
punctuation". The 11g version requires "at least one digit, one character".

Does anyone know why they removed the 'punctuation' requirement? I of course 
can code this in myself if desired but am nonetheless surprised that it would 
have been removed in the first place. I would think as the versions progress, 
the basic security requirements would become more stringent, not less.


Other related posts: