We are looking at implementing password profiles on our database users and attaching a password verification function....
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
I read where ALTER USER does not fully support password verification functions. In what way? I would hate to not be able to use ALTER USER for changing passwords. Oracle Corp. has stated that the only approved methods of changing a password with a password verification function are through the SQL*Plus password command and through the OCIPasswordChange call. If a normal user uses the ALTER USER command and they have a password verification function, then they will receive an error, even if the password passes the verification function. If a DBA user issues the ALTER USER command, then the password verification function is bypassed. This was very frustrating because only SQL*Plus and OCI applications could use the password verfication function. Even Oracle's own products, like Oracle Forms could not have a user change the password if a password verification function was employed.
It took quite some time, but Oracle finally classified this as a bug, Bug #1231172. The Oracle 18.104.22.168 patchset, and Oracle 22.214.171.124 now have the capability to let the user issue a command as follows:
ALTER USER user IDENTIFIED BY 'newpassword' REPLACE 'oldpassword';
This command will let the user issue the ALTER USER command and still employ a password verification function.
Dig Deeper on Oracle database design and architecture
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.