|Skip Navigation Links|
|Exit Print View|
|Oracle Fusion Middleware Administration Guide for Oracle Unified Directory 11g Release 1 (11.1.1)|
All password policies involve the following configurable components:
Password complexity requirements. Specifies the composition of the password and its required number of characters. Typically, you would specify the minimum number of characters used in a password, the type of characters allowed, and the required number of numeric characters. For example, many institutions require a minimum of seven or eight characters, one numeral, one special character, as well as a mix of uppercase and lowercase letters.
Password history. Determines the number of unique passwords a user must use before an old password can be reused.
Maximum password age. Determines how long a password can be used before the user is allowed or required to change it.
Minimum password age. Determines how long a new password must be kept before the user can change it.
First Login. Determines if the user will be required to change his password upon first logging in to the system.
Authorized password change. Refers to the conditions under which a user can change his password. For example, before a user can change his password, the server can be configured to require the user to enter his current password to authenticate his identity before entering a new password.
Account lockout. Determines the conditions under which an account is disabled for access by the user. For example, if a user fails to properly authenticate after three attempts, then the server can be configured to lock the account on the fourth attempt. The administrator will be required to manually unlock the account for user.
Password storage scheme. Determines how the password is to be encrypted and stored on the server. You can configure storage schemes for certain accounts on the server. For example, root user passwords require strong encryption due to the importance of the account and its privileges. Thus, you can configure the use the SSHA-512 storage scheme to store root user passwords.