{"id":6800,"date":"2016-01-12T19:01:09","date_gmt":"2016-01-12T18:01:09","guid":{"rendered":"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/"},"modified":"2023-06-08T15:03:07","modified_gmt":"2023-06-08T13:03:07","slug":"protect-your-oracle-password-function","status":"publish","type":"post","link":"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/","title":{"rendered":"Protect your oracle password function"},"content":{"rendered":"

By Mouhamadou Diaw<\/strong><\/p>\n

Every DBA knows the famous oracle password verification script $ORALE_HOME\/rdbms\/admin\/utlpwdmg.sql
\nThis function can be used to control password complexity.
\nThis script should be protected from unauthorized users. The reason is that by adding an insert in this function, someone can get passwords of users in the database.<\/p>\n

Let\u2019s go through an example<\/p>\n

Here is my script (I have modified initial oracle script by just adding the 2 lines after the BEGIN)<\/p>\n

\n
\n\n\n\n
\n
1<\/div>\n
2<\/div>\n
3<\/div>\n
4<\/div>\n
5<\/div>\n
6<\/div>\n
7<\/div>\n
8<\/div>\n
9<\/div>\n
10<\/div>\n
11<\/div>\n
12<\/div>\n
13<\/div>\n
14<\/div>\n
15<\/div>\n
16<\/div>\n
17<\/div>\n
18<\/div>\n
19<\/div>\n
20<\/div>\n
21<\/div>\n
22<\/div>\n
23<\/div>\n
24<\/div>\n
25<\/div>\n
26<\/div>\n
27<\/div>\n
28<\/div>\n
29<\/div>\n
30<\/div>\n
31<\/div>\n
32<\/div>\n
33<\/div>\n
34<\/div>\n
35<\/div>\n
36<\/div>\n
37<\/div>\n
38<\/div>\n
39<\/div>\n
40<\/div>\n
41<\/div>\n
42<\/div>\n
43<\/div>\n
44<\/div>\n
45<\/div>\n
46<\/div>\n
47<\/div>\n
48<\/div>\n
49<\/div>\n
50<\/div>\n
51<\/div>\n
52<\/div>\n
53<\/div>\n
54<\/div>\n
55<\/div>\n
56<\/div>\n
57<\/div>\n
58<\/div>\n
59<\/div>\n
60<\/div>\n
61<\/div>\n
62<\/div>\n
63<\/div>\n
64<\/div>\n
65<\/div>\n
66<\/div>\n
67<\/div>\n
68<\/div>\n
69<\/div>\n
70<\/div>\n
71<\/div>\n
72<\/div>\n
73<\/div>\n
74<\/div>\n
75<\/div>\n
76<\/div>\n
77<\/div>\n
78<\/div>\n
79<\/div>\n
80<\/div>\n
81<\/div>\n
82<\/div>\n
83<\/div>\n<\/td>\n
\n
\n
CREATE<\/code> OR<\/code> REPLACE<\/code> FUNCTION<\/code> ora12c_verify_function<\/code><\/div>\n
(username varchar2,<\/code><\/div>\n
\u00a0<\/code>password<\/code> varchar2,<\/code><\/div>\n
\u00a0<\/code>old_password varchar2)<\/code><\/div>\n
RETURN<\/code> boolean <\/code>IS<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>differ <\/code>integer<\/code>;<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>pw_lower varchar2(256); <\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>db_name varchar2(40);<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>i <\/code>integer<\/code>;<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>simple_password varchar2(10);<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>reverse_user varchar2(32);<\/code><\/div>\n
BEGIN<\/code><\/div>\n
-- ########## #Insert here these lines #################<\/code><\/div>\n
<\/div>\n
INSERT<\/code> INTO<\/code> MYTAB <\/code>VALUES<\/code> (username,<\/code>password<\/code>);<\/code><\/div>\n
COMMIT<\/code>;<\/code><\/div>\n
<\/div>\n
--#######################END INSERT ################<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>IF <\/code>NOT<\/code> ora_complexity_check(<\/code>password<\/code>, chars => 8, letter => 1, digit => 1) <\/code>THEN<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>RETURN<\/code>(<\/code>FALSE<\/code>);<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>END<\/code> IF;<\/code><\/div>\n
<\/div>\n
\u00a0\u00a0\u00a0<\/code>-- Check if the password contains the username<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>pw_lower := NLS_LOWER(<\/code>password<\/code>);<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>IF instr(pw_lower, NLS_LOWER(username)) > 0 <\/code>THEN<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>raise_application_error(-20002, <\/code>'Password contains the username'<\/code>);<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>END<\/code> IF;<\/code><\/div>\n
<\/div>\n
\u00a0\u00a0\u00a0<\/code>-- Check if the password contains the username reversed<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>reverse_user := <\/code>''<\/code>;<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>FOR<\/code> i <\/code>in<\/code> REVERSE 1..length(username) LOOP<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>reverse_user := reverse_user || substr(username, i, 1);<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>END<\/code> LOOP;<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>IF instr(pw_lower, NLS_LOWER(reverse_user)) > 0 <\/code>THEN<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>raise_application_error(-20003, <\/code>'Password contains the username '<\/code> || <\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>'reversed'<\/code>);<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>END<\/code> IF;<\/code><\/div>\n
<\/div>\n
\u00a0\u00a0\u00a0<\/code>-- Check if the password contains the server name<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>select<\/code> name<\/code> into<\/code> db_name <\/code>from<\/code> sys.v$<\/code>database<\/code>;<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>IF instr(pw_lower, NLS_LOWER(db_name)) > 0 <\/code>THEN<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>raise_application_error(-20004, <\/code>'Password contains the server name'<\/code>);<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>END<\/code> IF;<\/code><\/div>\n
<\/div>\n
\u00a0\u00a0\u00a0<\/code>-- Check if the password contains 'oracle'<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>IF instr(pw_lower, <\/code>'oracle'<\/code>) > 0 <\/code>THEN<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>raise_application_error(-20006, <\/code>'Password too simple'<\/code>);<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>END<\/code> IF;<\/code><\/div>\n
<\/div>\n
\u00a0\u00a0\u00a0<\/code>-- Check if the password is too simple. A dictionary of words may be<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>-- maintained and a check may be made so as not to allow the words<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>-- that are too simple for the password.<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>IF pw_lower <\/code>IN<\/code> (<\/code>'welcome1'<\/code>, <\/code>'database1'<\/code>, <\/code>'account1'<\/code>, <\/code>'user1234'<\/code>,<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>'password1'<\/code>, <\/code>'oracle123'<\/code>, <\/code>'computer1'<\/code>, <\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>'abcdefg1'<\/code>, <\/code>'change_on_install'<\/code>) <\/code>THEN<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>raise_application_error(-20006, <\/code>'Password too simple'<\/code>);<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>END<\/code> IF;<\/code><\/div>\n
<\/div>\n
\u00a0\u00a0\u00a0<\/code>-- Check if the password differs from the previous password by at least<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>-- 3 characters<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>IF old_password <\/code>IS<\/code> NOT<\/code> NULL<\/code> THEN<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>differ := ora_string_distance(old_password, <\/code>password<\/code>);<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>IF differ < 3 <\/code>THEN<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>raise_application_error(-20010, <\/code>'Password should differ from the '<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>|| <\/code>'old password by at least 3 characters'<\/code>);<\/code><\/div>\n
\u00a0\u00a0\u00a0\u00a0\u00a0<\/code>END<\/code> IF;<\/code><\/div>\n
\u00a0\u00a0\u00a0<\/code>END<\/code> IF ;<\/code><\/div>\n
<\/div>\n
\u00a0\u00a0\u00a0<\/code>RETURN<\/code>(<\/code>TRUE<\/code>);<\/code><\/div>\n
END<\/code>;<\/code><\/div>\n
\/<\/code><\/div>\n
<\/div>\n
GRANT<\/code> EXECUTE<\/code> ON<\/code> ora12c_verify_function <\/code>TO<\/code> PUBLIC<\/code>;<\/code><\/div>\n
<\/div>\n
<\/div>\n
ALTER<\/code> PROFILE profile1\u00a0 LIMIT<\/code><\/div>\n
PASSWORD_LIFE_TIME 180<\/code><\/div>\n
PASSWORD_GRACE_TIME 7<\/code><\/div>\n
PASSWORD_REUSE_TIME UNLIMITED<\/code><\/div>\n
PASSWORD_REUSE_MAX\u00a0 UNLIMITED<\/code><\/div>\n
FAILED_LOGIN_ATTEMPTS 10<\/code><\/div>\n
PASSWORD_LOCK_TIME 1<\/code><\/div>\n
PASSWORD_VERIFY_FUNCTION ora12c_verify_function;<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n

Now let\u2019s create the profile1 and the table mytab, and after let\u2019s execute the script<\/p>\n

\n
\n\n\n\n
\n
1<\/div>\n
2<\/div>\n
3<\/div>\n
4<\/div>\n
5<\/div>\n
6<\/div>\n
7<\/div>\n
8<\/div>\n
9<\/div>\n
10<\/div>\n
11<\/div>\n
12<\/div>\n
13<\/div>\n
14<\/div>\n
15<\/div>\n
16<\/div>\n
17<\/div>\n<\/td>\n
\n
\n
\u00a0<\/code>SQL> <\/code>create<\/code> profile profile1 limit connect_time 45;<\/code><\/div>\n
<\/div>\n
Profile created.<\/code><\/div>\n
<\/div>\n
SQL> <\/code>create<\/code> table<\/code> mytab (login varchar2(30),passe varchar2(30));<\/code><\/div>\n
<\/div>\n
Table<\/code> created.<\/code><\/div>\n
<\/div>\n
SQL> @?\/rdbms\/admin\/utlpwdmg_mod.sql<\/code><\/div>\n
<\/div>\n
Function<\/code> created.<\/code><\/div>\n
<\/div>\n
Grant<\/code> succeeded.<\/code><\/div>\n
<\/div>\n
Profile altered.<\/code><\/div>\n
<\/div>\n
SQL><\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n

At this moment our password complexity is now working<\/p>\n

\n
\n\n\n\n
\n
1<\/div>\n
2<\/div>\n
3<\/div>\n
4<\/div>\n
5<\/div>\n
6<\/div>\n
7<\/div>\n
8<\/div>\n
9<\/div>\n
10<\/div>\n
11<\/div>\n
12<\/div>\n
13<\/div>\n
14<\/div>\n<\/td>\n
\n
\n
SQL> <\/code>create<\/code> user<\/code> joe identified <\/code>by<\/code> joe profile profile1;<\/code><\/div>\n
create<\/code> user<\/code> joe identified <\/code>by<\/code> joe profile profile1<\/code><\/div>\n
*<\/code><\/div>\n
ERROR <\/code>at<\/code> line 1:<\/code><\/div>\n
ORA-28003: <\/code>password<\/code> verification <\/code>for<\/code> the specified <\/code>password<\/code> failed<\/code><\/div>\n
ORA-20001: <\/code>Password<\/code> length less than 8<\/code><\/div>\n
<\/div>\n
SQL> <\/code>create<\/code> user<\/code> joe identified <\/code>by<\/code> \"DarV@rd0r25\"<\/code> profile profile1;<\/code><\/div>\n
<\/div>\n
User<\/code> created.<\/code><\/div>\n
<\/div>\n
SQL> <\/code>alter<\/code> user<\/code> joe identified <\/code>by<\/code> \"Leil@Pri120\"<\/code>;<\/code><\/div>\n
<\/div>\n
User<\/code> altered.<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n

But now let\u2019s do a select in\u00a0\u00a0our mytab table<\/p>\n

\n
\n\n\n\n
\n
1<\/div>\n
2<\/div>\n
3<\/div>\n
4<\/div>\n
5<\/div>\n
6<\/div>\n
7<\/div>\n
8<\/div>\n
9<\/div>\n<\/td>\n
\n
\n
SQL> <\/code>select<\/code> * <\/code>from<\/code> mytab;<\/code><\/div>\n
<\/div>\n
LOGIN\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 PASSE<\/code><\/div>\n
------------------------------ ------------------------------<\/code><\/div>\n
JOE\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 joe<\/code><\/div>\n
JOE\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 DarV@rd0r25<\/code><\/div>\n
JOE\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Leil@Pri120<\/code><\/div>\n
<\/div>\n
SQL><\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n

Waw we have passwords, and even if we alter the password user, we will have the new one in the table.<\/p>\n

That means that we have to protect our password verification script and we have to regularly audit the script to see if there is any change inside.<\/p>\n

This is not a flaw , but just we must be careful when using this function.<\/p>\n","protected":false},"excerpt":{"rendered":"

By Mouhamadou Diaw Every DBA knows the famous oracle password verification script $ORALE_HOME\/rdbms\/admin\/utlpwdmg.sql This function can be used to control password complexity. This script should be protected from unauthorized users. The reason is that by adding an insert in this function, someone can get passwords of users in the database. Let\u2019s go through an example […]<\/p>\n","protected":false},"author":27,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[229],"tags":[],"type_dbi":[],"class_list":["post-6800","post","type-post","status-publish","format-standard","hentry","category-database-administration-monitoring"],"acf":[],"yoast_head":"\nProtect your oracle password function - dbi Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Protect your oracle password function\" \/>\n<meta property=\"og:description\" content=\"By Mouhamadou Diaw Every DBA knows the famous oracle password verification script $ORALE_HOME\/rdbms\/admin\/utlpwdmg.sql This function can be used to control password complexity. This script should be protected from unauthorized users. The reason is that by adding an insert in this function, someone can get passwords of users in the database. Let\u2019s go through an example […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/\" \/>\n<meta property=\"og:site_name\" content=\"dbi Blog\" \/>\n<meta property=\"article:published_time\" content=\"2016-01-12T18:01:09+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-06-08T13:03:07+00:00\" \/>\n<meta name=\"author\" content=\"Oracle Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Oracle Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/\"},\"author\":{\"name\":\"Oracle Team\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/66ab87129f2d357f09971bc7936a77ee\"},\"headline\":\"Protect your oracle password function\",\"datePublished\":\"2016-01-12T18:01:09+00:00\",\"dateModified\":\"2023-06-08T13:03:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/\"},\"wordCount\":184,\"commentCount\":1,\"articleSection\":[\"Database Administration & Monitoring\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/\",\"name\":\"Protect your oracle password function - dbi Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#website\"},\"datePublished\":\"2016-01-12T18:01:09+00:00\",\"dateModified\":\"2023-06-08T13:03:07+00:00\",\"author\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/66ab87129f2d357f09971bc7936a77ee\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.dbi-services.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Protect your oracle password function\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#website\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/\",\"name\":\"dbi Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/66ab87129f2d357f09971bc7936a77ee\",\"name\":\"Oracle Team\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/f711f7cd2c9b09bf2627133755b569fb5be0694810cfd33033bdd095fedba86d?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f711f7cd2c9b09bf2627133755b569fb5be0694810cfd33033bdd095fedba86d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f711f7cd2c9b09bf2627133755b569fb5be0694810cfd33033bdd095fedba86d?s=96&d=mm&r=g\",\"caption\":\"Oracle Team\"},\"url\":\"https:\/\/www.dbi-services.com\/blog\/author\/oracle-team\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Protect your oracle password function - dbi Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/","og_locale":"en_US","og_type":"article","og_title":"Protect your oracle password function","og_description":"By Mouhamadou Diaw Every DBA knows the famous oracle password verification script $ORALE_HOME\/rdbms\/admin\/utlpwdmg.sql This function can be used to control password complexity. This script should be protected from unauthorized users. The reason is that by adding an insert in this function, someone can get passwords of users in the database. Let\u2019s go through an example […]","og_url":"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/","og_site_name":"dbi Blog","article_published_time":"2016-01-12T18:01:09+00:00","article_modified_time":"2023-06-08T13:03:07+00:00","author":"Oracle Team","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Oracle Team","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/#article","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/"},"author":{"name":"Oracle Team","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/66ab87129f2d357f09971bc7936a77ee"},"headline":"Protect your oracle password function","datePublished":"2016-01-12T18:01:09+00:00","dateModified":"2023-06-08T13:03:07+00:00","mainEntityOfPage":{"@id":"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/"},"wordCount":184,"commentCount":1,"articleSection":["Database Administration & Monitoring"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/","url":"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/","name":"Protect your oracle password function - dbi Blog","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/#website"},"datePublished":"2016-01-12T18:01:09+00:00","dateModified":"2023-06-08T13:03:07+00:00","author":{"@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/66ab87129f2d357f09971bc7936a77ee"},"breadcrumb":{"@id":"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.dbi-services.com\/blog\/protect-your-oracle-password-function\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.dbi-services.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Protect your oracle password function"}]},{"@type":"WebSite","@id":"https:\/\/www.dbi-services.com\/blog\/#website","url":"https:\/\/www.dbi-services.com\/blog\/","name":"dbi Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/66ab87129f2d357f09971bc7936a77ee","name":"Oracle Team","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f711f7cd2c9b09bf2627133755b569fb5be0694810cfd33033bdd095fedba86d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f711f7cd2c9b09bf2627133755b569fb5be0694810cfd33033bdd095fedba86d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f711f7cd2c9b09bf2627133755b569fb5be0694810cfd33033bdd095fedba86d?s=96&d=mm&r=g","caption":"Oracle Team"},"url":"https:\/\/www.dbi-services.com\/blog\/author\/oracle-team\/"}]}},"_links":{"self":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/6800","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/comments?post=6800"}],"version-history":[{"count":1,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/6800\/revisions"}],"predecessor-version":[{"id":25669,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/6800\/revisions\/25669"}],"wp:attachment":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/media?parent=6800"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/categories?post=6800"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/tags?post=6800"},{"taxonomy":"type","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/type_dbi?post=6800"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}