当前位置:  数据库>oracle

Oracle帐户口令强度策略限制

    来源: 互联网  发布时间:2017-06-08

    本文导语: Oracle帐户口令强度策略限制 1. 用户口令要求包含字母、数据和特殊字符三种类型 (1)创建密码检查函数 CREATE OR REPLACE FUNCTION verify_function(username varchar2,  password varchar2,  old_password varchar2)  RETURN boolean IS  n boolean;  m integer;  di...

Oracle帐户口令强度策略限制

1. 用户口令要求包含字母、数据和特殊字符三种类型

(1)创建密码检查函数

CREATE OR REPLACE FUNCTION verify_function
(username varchar2,
  password varchar2,
  old_password varchar2)
  RETURN boolean IS
  n boolean;
  m integer;
  differ integer;
  isdigit boolean;
  ischar  boolean;
  ispunct boolean;
  digitarray varchar2(20);
  punctarray varchar2(25);
  chararray varchar2(52);


BEGIN
  digitarray:= '0123456789';
  chararray:= 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
  punctarray:='!"#$%&()``*+,-/:;?_';


  -- Check if the password is same as the username
  IF NLS_LOWER(password) = NLS_LOWER(username) THEN
    raise_application_error(-20001, 'Password same as or similar to user');
  END IF;


  -- Check for the minimum length of the password
  IF length(password) < 4 THEN
      raise_application_error(-20002, 'Password length less than 4');
  END IF;


  -- Check if the password is too simple. A dictionary of words may be
  -- maintained and a check may be made so as not to allow the words
  -- that are too simple for the password.
  IF NLS_LOWER(password) IN ('welcome', 'database', 'account', 'user', 'password', 'oracle', 'computer', 'abcd') THEN
      raise_application_error(-20002, 'Password too simple');
  END IF;


  -- Check if the password contains at least one letter, one digit and one
  -- punctuation mark.
  -- 1. Check for the digit
  isdigit:=FALSE;
  m := length(password);
  FOR i IN 1..10 LOOP
      FOR j IN 1..m LOOP
  IF substr(password,j,1) = substr(digitarray,i,1) THEN
    isdigit:=TRUE;
      GOTO findchar;
  END IF;
      END LOOP;
  END LOOP;
  IF isdigit = FALSE THEN
      raise_application_error(-20003, 'Password should contain at least one digit, one character and one punctuation');
  END IF;
  -- 2. Check for the character
 
  ischar:=FALSE;
  FOR i IN 1..length(chararray) LOOP
      FOR j IN 1..m LOOP
  IF substr(password,j,1) = substr(chararray,i,1) THEN
    ischar:=TRUE;
      GOTO findpunct;
  END IF;
      END LOOP;
  END LOOP;
  IF ischar = FALSE THEN
      raise_application_error(-20003, 'Password should contain at least one
      digit, one character and one punctuation');
  END IF;
  -- 3. Check for the punctuation
 
  ispunct:=FALSE;
  FOR i IN 1..length(punctarray) LOOP
      FOR j IN 1..m LOOP
  IF substr(password,j,1) = substr(punctarray,i,1) THEN
    ispunct:=TRUE;
      GOTO endsearch;
  END IF;
      END LOOP;
  END LOOP;
  IF ispunct = FALSE THEN
      raise_application_error(-20003, 'Password should contain at least one
      digit, one character and one punctuation');
  END IF;


 
  -- Check if the password differs from the previous password by at least
  -- 3 letters
  IF old_password IS NOT NULL THEN
    differ := length(old_password) - length(password);


    IF abs(differ) < 3 THEN
      IF length(password) < length(old_password) THEN
  m := length(password);
      ELSE
  m := length(old_password);
      END IF;


      differ := abs(differ);
      FOR i IN 1..m LOOP
  IF substr(password,i,1) != substr(old_password,i,1) THEN
    differ := differ + 1;
  END IF;
      END LOOP;


      IF differ < 3 THEN
  raise_application_error(-20004, 'Password should differ by at
  least 3 characters');
      END IF;
    END IF;
  END IF;
  -- Everything is fine; return TRUE ;
  RETURN(TRUE);
END;
/

(2)创建密码检查profile及应用于业务用户

 CREATE PROFILE profile_pwd LIMIT PASSWORD_VERIFY_FUNCTION verify_function;

 ALTER USER NDMC PROFILE profile_pwd;

2. 用户口令要求数字和字母,不强制要求特殊字符

(1)创建密码检查函数

CREATE OR REPLACE FUNCTION verify_function
(username varchar2,
  password varchar2,
  old_password varchar2)
  RETURN boolean IS
  n boolean;
  m integer;
  differ integer;
  isdigit boolean;
  ischar  boolean;
  ispunct boolean;
  db_name varchar2(40);
  digitarray varchar2(20);
  punctarray varchar2(25);
  chararray varchar2(52);
  i_char varchar2(10);
  simple_password varchar2(10);
  reverse_user varchar2(32);


BEGIN
  digitarray:= '0123456789';
  chararray:= 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';


  -- Check for the minimum length of the password
  IF length(password) < 8 THEN
      raise_application_error(-20001, 'Password length less than 8');
  END IF;

 


  -- Check if the password is same as the username or username(1-100)
  IF NLS_LOWER(password) = NLS_LOWER(username) THEN
    raise_application_error(-20002, 'Password same as or similar to user');
  END IF;
  FOR i IN 1..100 LOOP
      i_char := to_char(i);
      if NLS_LOWER(username)|| i_char = NLS_LOWER(password) THEN
        raise_application_error(-20005, 'Password same as or similar to user name ');
      END IF;
    END LOOP;


  -- Check if the password is same as the username reversed
 
  FOR i in REVERSE 1..length(username) LOOP
    reverse_user := reverse_user || substr(username, i, 1);
  END LOOP;
  IF NLS_LOWER(password) = NLS_LOWER(reverse_user) THEN
    raise_application_error(-20003, 'Password same as username reversed');
  END IF;


  -- Check if the password is the same as server name and or servername(1-100)
  select name into db_name from sys.v$database;
  if NLS_LOWER(db_name) = NLS_LOWER(password) THEN
      raise_application_error(-20004, 'Password same as or similar to server name');
  END IF;
  FOR i IN 1..100 LOOP
      i_char := to_char(i);
      if NLS_LOWER(db_name)|| i_char = NLS_LOWER(password) THEN
        raise_application_error(-20005, 'Password same as or similar to server name ');
      END IF;
    END LOOP;


  -- Check if the password is too simple. A dictionary of words may be
  -- maintained and a check may be made so as not to allow the words
  -- that are too simple for the password.
  IF NLS_LOWER(password) IN ('welcome1', 'database1', 'account1', 'user1234', 'password1', 'oracle123', 'computer1', 'abcdefg1', 'change_on_install') THEN
      raise_application_error(-20006, 'Password too simple');
  END IF;


  -- Check if the password is the same as oracle (1-100)
    simple_password := 'oracle';
    FOR i IN 1..100 LOOP
      i_char := to_char(i);
      if simple_password || i_char = NLS_LOWER(password) THEN
        raise_application_error(-20007, 'Password too simple ');
      END IF;
    END LOOP;


  -- Check if the password contains at least one letter, one digit
  -- 1. Check for the digit
  isdigit:=FALSE;
  m := length(password);
  FOR i IN 1..10 LOOP
      FOR j IN 1..m LOOP
        IF substr(password,j,1) = substr(digitarray,i,1) THEN
            isdigit:=TRUE;
            GOTO findchar;
        END IF;
      END LOOP;
  END LOOP;


  IF isdigit = FALSE THEN
      raise_application_error(-20008, 'Password must contain at least one digit, one character');
  END IF;
  -- 2. Check for the character
 
  ischar:=FALSE;
  FOR i IN 1..length(chararray) LOOP
      FOR j IN 1..m LOOP
        IF substr(password,j,1) = substr(chararray,i,1) THEN
            ischar:=TRUE;
            GOTO endsearch;
        END IF;
      END LOOP;
  END LOOP;
  IF ischar = FALSE THEN
      raise_application_error(-20009, 'Password must contain at least one
              digit, and one character');
  END IF;

 


 
  -- Check if the password differs from the previous password by at least
  -- 3 letters
  IF old_password IS NOT NULL THEN
    differ := length(old_password) - length(password);


    differ := abs(differ);
    IF differ < 3 THEN
      IF length(password) < length(old_password) THEN
        m := length(password);
      ELSE
        m := length(old_password);
      END IF;


      FOR i IN 1..m LOOP
        IF substr(password,i,1) != substr(old_password,i,1) THEN
          differ := differ + 1;
        END IF;
      END LOOP;


      IF differ < 3 THEN
        raise_application_error(-20011, 'Password should differ from the
            old password by at least 3 characters');
      END IF;
    END IF;
  END IF;
  -- Everything is fine; return TRUE ; 
  RETURN(TRUE);
END;
/

(2)创建密码检查profile及应用于业务用户
 CREATE PROFILE profile_pwd LIMIT PASSWORD_VERIFY_FUNCTION verify_function;
 ALTER USER NDMC PROFILE profile_pwd;

--------------------------------------------------------------------------------

Linux-6-64下安装Oracle 12C笔记

在CentOS 6.4下安装Oracle 11gR2(x64)

Oracle 11gR2 在VMWare虚拟机中安装步骤

Debian 下 安装 Oracle 11g XE R2

Oracle 11g 强制修改密码 ORA-28001 的 处理方法

--------------------------------------------------------------------------------


    
 
 
 
本站(WWW.)旨在分享和传播互联网科技相关的资讯和技术,将尽最大努力为读者提供更好的信息聚合和浏览方式。
本站(WWW.)站内文章除注明原创外,均为转载、整理或搜集自网络。欢迎任何形式的转载,转载请注明出处。












  • 相关文章推荐
  • Oracle帐户管理
  • Oracle 12c发布简单介绍及官方下载地址
  • 在linux下安装oracle,如何设置让oracle自动启动!也就是让oracle那个服务自动启动,不是手动的
  • oracle 11g最新版官方下载地址
  • 请问su oracle 和su - oracle有什么不同?
  • Oracle 数据库(oracle Database)Select 多表关联查询方式
  • 虚拟机装Oracle R12与Oracle10g
  • Oracle数据库(Oracle Database)体系结构及基本组成介绍
  • Oracle 数据库开发工具 Oracle SQL Developer
  • 如何设置让Oracle SQL Developer显示的时间包含时分秒
  • Oracle EBS R12 支持 Oracle Database 11g
  • Oracle 10g和Oracle 11g网格技术介绍
  • SCO unix下安装oracle,但没有光盘,请大家推荐一个oracle下载站点(unix版本的)。谢谢!!!!
  • oracle中如何把表中具有相同值列的多行数据合并成一行
  • 请问大家用oracle数据库, 用import oracle.*;下的东西么? 还是用标准库?
  • Oracle 数据库(oracle Database)性能调优技术详解
  • Linux /$ORACLE_HOME $ORACLE_HOME
  • ORACLE日期相关操作
  • Linux系统下Oracle的启动与Oracle监听的启动
  • ORACLE数据库常用字段数据类型介绍
  • 请问在solaris下安装ORACLE,用root用户和用oracle用户安装有什么区别么?
  • Oracle 12c的九大最新技术特性介绍
  • 网间Oracle的连接,远程连接Oracle服务器??


  • 站内导航:


    特别声明:169IT网站部分信息来自互联网,如果侵犯您的权利,请及时告知,本站将立即删除!

    ©2012-2021,