[Translated from mos] When sec_case_sensitive_logon = true, how can I enable a password with a mix of upper and lower cases ?, Sensitive
When sec_case_sensitive_logon = true, how can I enable a password with a mix of upper and lower cases?
Source:
How To Enforce Mixed Case Passwords When sec_case_sensitive_logon = true? (Documentation ID 1307555.1)
Applicable:
Oracle Server-Enterprise Edition-Version 11.1.0.6 to 11.2.0.2 [Release 11.1 to 11.2]
Information in this document applies to any platform.
* ** Checked for relevance on 20-SEP-2012 ***
Objectives:
After sec_case_sensitive_logon = true is set, how can I enable a password with a mix of upper and lower cases for the user in the database?
Solution:
The supplied password verify function in the file $ ORACLE_HOME/rdbms/admin/utlpwdmg. SQL does not enforce that the password has both upper and lower case characters. to achieve this, it is possible to modify the function as follows:
Cp utlpwdmg. SQL utlpwdmg_modif. SQL
Vi utlpwdmg_modif. SQL
Add the following code:
-- Check the password uses mixed caseif upper(password) = password or lower(password) = password thenraise_application_error(-20012, 'Password is not mixed case');end if;
Then run the script utlpwdmg_modif. SQL as user SYS and to test:
create profile test_profile limit password_verify_function verify_function_11g; create user test identified by test profile test_profile; connect test/test SQL> alter user test identified by "kachel1#" replace test; alter user test identified by "kachel1#" replace test * ERROR at line 1: ORA-28003: password verification for the specified password failed ORA-20012: Password is not mixed case SQL> alter user test identified by "KACHEL1#" replace test; alter user test identified by "KACHEL1#" replace test * ERROR at line 1: ORA-28003: password verification for the specified password failed ORA-20012: Password is not mixed case SQL> alter user test identified by "Kachel1#" replace test; User altered.