3.2 Default Password Requirements
Oracle Exadata Deployment Assistant (OEDA) implements a default password policy on Oracle Exadata Database Machine.
The last step of OEDA, "Secure Oracle Exadata Database Machine", implements the following password requirements:
- Dictionary words are not valid or accepted.
- Character classes for passwords are uppercase letters, lowercase letters, digits, and special characters.
- Passwords must contain characters from all four character classes. Passwords using only one, two, or three character classes are not allowed.
- The minimum length of a password is eight characters.
- Pass-phrases are allowed. A pass-phrase should contain at least three words, be 16 to 40 characters in length, and contain different character classes.
- A new password cannot be similar to old passwords. There must be at least eight characters in the new password that were not present in the old password.
- A maximum of three consecutive characters of the same value can be used in a password.
- A maximum of four consecutive characters of the same character class can be used in a password. For example,
abcde1#6B
cannot be used as a password because it uses five consecutive lower case letters.
Parent topic: User Security on Oracle Exadata