Edit D:\app\Administrator\product\11.2.0\dbhome_1\apex\images\doc\sec_password_complex.htm
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=us-ascii" /> <meta http-equiv="Content-Style-Type" content="text/css" /> <meta http-equiv="Content-Script-Type" content="text/javascript" /> <title>About Setting Password Complexity Rules</title> <meta name="generator" content="Oracle DARB XHTML Converter (Mode = ohj/ohw) - Version 5.1" /> <meta name="date" content="2009-04-14T16:11:31Z" /> <meta name="robots" content="noarchive" /> <meta name="doctitle" content="About Setting Password Complexity Rules" /> <meta name="relnum" content="Release 3.2" /> <meta name="partnum" content="E11947-01" /> <link rel="copyright" href="dcommon/html/cpyr.htm" title="Copyright" type="text/html" /> <link rel="stylesheet" href="dcommon/css/blafdoc.css" title="Oracle BLAFDoc" type="text/css" /> <link rel="contents" href="toc.htm" title="Contents" type="text/html" /> <link rel="up" href="preface.htm" title="Home" type="text/html" /> <link rel="up" href="sec.htm" title="Managing Application Security" type="text/html" /> <link rel="up" href="sec_admin.htm" title="Understanding Administrator..." type="text/html" /> <link rel="up" href="sec_password_complex.htm" title="About Setting Password Comp..." type="text/html" /> <link rel="prev" href="sec_bi_publisher.htm" title="Previous" type="text/html" /> <link rel="next" href="sec_rumtime.htm" title="Next" type="text/html" /> </head> <body> <p id="BREADCRUMBING"><a href="preface.htm" title="Home">Home</a> > <a href="sec.htm" title="Managing Application Security">Managing Application Security</a> > <a href="sec_admin.htm" title="Understanding Administrator...">Understanding Administrator...</a> > About Setting Password Comp...</p> <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%"> <col width="86%" /> <col width="*" /> <tr valign="bottom"> <td align="left"></td> <td align="center"><a href="sec_bi_publisher.htm"><img src="dcommon/gifs/leftnav.gif" alt="Previous" /><br /> <span class="icon">Previous</span></a> </td> <td align="center"><a href="sec_rumtime.htm"><img src="dcommon/gifs/rightnav.gif" alt="Next" /><br /> <span class="icon">Next</span></a></td> </tr> </table> <p><a id="CHDIDAJI" name="CHDIDAJI"></a></p> <div class="sect2"> <h1>About Setting Pa<a id="sthref1929" name="sthref1929"></a><a id="sthref1930" name="sthref1930"></a>ssword Complexity Rules</h1> <p>Workspace administrators and developers can create user accounts for the purpose of logging in to the Oracle Application Express development environment and for end-user authentication to applications developed within their workspaces. The Oracle Application Express administrator can create password complexity rules, or a policy, for the passwords of these accounts. These rules apply to all accounts in the installation, across all workspaces.</p> <p>The following are example password complexity policies:</p> <p>All passwords must:</p> <ul> <li> <p>Contain at least one upper-case character</p> </li> <li> <p>Contain at least one numeric digit</p> </li> <li> <p>Must be at least six characters long</p> </li> </ul> <p>Note that many other variations are possible. Oracle recommends administrators establish a password complexity policy for each Oracle Application Express instance. To learn more, see "<a href="AEADM/adm_env.htm">Enabling Login Controls for All Workspaces</a>," "<a href="AEADM/adm_env.htm">About Password Policies</a>," and "<a href="AEADM/aadm_prefs.htm">Enabling Login Controls for a Workspace</a>" in <span class="italic">Oracle Application Express Administration Guide</span>.</p> <div class="sect3"><!-- infolevel="all" infotype="General" --><a id="sthref1931" name="sthref1931"></a> <h2>Restricting Password Reuse</h2> <p>Site administrators can restrict password reuse for all administrator, developer, and end-user accounts based on a history of passwords previously used for the accounts.</p> <p>To restrict password reuse:</p> <ol> <li> <p>Start SQL*Plus and connect to the database where Oracle Application Express is installed having the apex_administrator_role role or as <code>SYS</code> specifying the <code>SYSDBA</code> role. For example:</p> <ul> <li> <p>On Windows:</p> <pre xml:space="preserve" class="oac_no_warn"> <span class="italic">SYSTEM_DRIVE:\</span> sqlplus /nolog SQL> CONNECT SYS as SYSDBA Enter password: <span class="italic">SYS_password</span> </pre></li> <li> <p>On UNIX and Linux:</p> <pre xml:space="preserve" class="oac_no_warn"> $ sqlplus /nolog SQL> CONNECT SYS as SYSDBA Enter password: <span class="italic">SYS_password</span> </pre></li> </ul> </li> <li> <p>Execute the following statement:</p> <pre xml:space="preserve" class="oac_no_warn"> ALTER SESSION SET CURRENT_SCHEMA = APEX_030200; </pre></li> <li> <p>Execute the following statement:</p> <pre xml:space="preserve" class="oac_no_warn"> BEGIN APEX_INSTANCE_ADMIN.SET_PARAMETER('PASSWORD_HISTORY_DAYS',365); COMMIT; END; / </pre> <p>This will restrict new or updated passwords to those that have not been used for the account for the previous 365 days. Recording of previously used passwords (actually, hashed representations of passwords) begins upon installation of Oracle Application Express 3.2.</p> </li> <li> <p>To disable this feature, run the block above, providing 0 for the parameter value. For example:</p> <pre xml:space="preserve" class="oac_no_warn"> BEGIN APEX_INSTANCE_ADMIN.SET_PARAMETER('PASSWORD_HISTORY_DAYS',0); COMMIT; END; / </pre></li> </ol> <div align="center"> <div class="inftblnotealso"><br /> <table class="NoteAlso oac_no_warn" summary="" cellpadding="3" cellspacing="0"> <tbody> <tr> <td align="left"> <p class="notep1">Tip:</p> Developers can also use the <code>APEX_UTIL.STRONG_PASSWORD_CHECK</code> procedure and the <code>APEX_UTIL.STRONG_PASSWORD_VALIDATION</code> function described in <span class="italic"><a href="AEAPI/preface.htm">Oracle Application Express API Reference</a></span>.</td> </tr> </tbody> </table> <br /></div> <!-- class="inftblnotealso" --></div> </div> <!-- class="sect3" --></div> <!-- class="sect2" --> <!-- Start Footer --> <div class="footer"> <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%"> <col width="86%" /> <col width="*" /> <tr> <td align="left"><span class="copyrightlogo">Copyright © 2003, 2009, Oracle and/or its affiliates. All rights reserved.</span><br /> <a href="dcommon/html/cpyr.htm"><span class="copyrightlogo">Legal Notices</span></a></td> <td align="center"><a href="sec_bi_publisher.htm"><img src="dcommon/gifs/leftnav.gif" alt="Previous" /><br /> <span class="icon">Previous</span></a> </td> <td align="center"><a href="sec_rumtime.htm"><img src="dcommon/gifs/rightnav.gif" alt="Next" /><br /> <span class="icon">Next</span></a></td> </tr> </table> </div> <!-- class="footer" --> </body> </html>
Ms-Dos/Windows
Unix
Write backup
jsp File Browser version 1.2 by
www.vonloesch.de