User Password Security
Oracle recommends that you use the profile settings described in this section to provide optimal security in login password usage in Oracle LSH:
- Password case sensitivity: If you are using Oracle LSH Programs of type Business Intelligence Publisher, you must set this profile to Insensitive so that users can log in to BI Publisher using their single sign-on credentials.
- Password length requirement: This profile determines the minimum number of characters required in a user's Oracle LSH login password. The default setting is 5. Oracle recommends a setting of 8 or more for use with Oracle LSH.
- "Hard to guess" requirement: This profile enforces requirements that make it more difficult to guess what another user's password might be. These requirements come as a package; you must either accept or reject the whole. Oracle recommends a setting of Yes (to accept the package) for use with Oracle LSH.
- "Forgot your password?" functionality: For Oracle LSH, Oracle recommends a setting of 40 for the Local Login Mask profile. This setting displays a "Forgot your password?" link on the Login page. If the user clicks this link, the system loads a page where the user can enter his or her username.
  The user then receives an email stating, "Password reset requires approval." The user must click either "Approve" or "Reject"; each choice automatically generates an email response. If the user ignores the notification, the request expires in four hours.
- Limit on log-in attempts: This profile option determines the maximum number of login attempts a user can make before the user's account is disabled. To reinstate the account, a system administrator must unlock the account and reset the password. For example, if the value is set to 3, the system locks the account after the user enters an incorrect password 3 times.
- Time limit on password reuse after resetting a password: This profile sets the minimum number of days that a user must wait after changing his or her password before being allowed to reuse a password. The user can use the new password once and then must wait the number of days you set before he or she can reuse the password.
  For example, if the value of this profile is set to 5, a user who changes his or her password cannot reuse the password until 5 days after the reset.
  If the profile value is set to 0, there is no restriction on password reuse.
See "Setting Password Requirements" in the Oracle Life Sciences Data Hub System Administrator's Guide.
To change their own passwords, both Oracle LSH and Oracle DMW users must use Preferences in Oracle LSH. See the Oracle Life Sciences Data Hub User's Guide and the Oracle Life Sciences Data Management Workbench User's Guide.
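The recommendations above can be checked mechanically during a hardening review. The following is an added example, not Oracle code: it audits a set of exported profile values against the settings this section recommends. The dictionary keys and the `uses_bi_publisher` flag are hypothetical labels chosen for the example, not Oracle's internal profile names, and only the settings for which this section states a recommendation or a "no restriction" value are checked.

```python
# Added example: audit exported profile values against the recommendations above.
# The dictionary keys are hypothetical labels, not Oracle's internal profile names.

def _as_int(value):
    """Return value as int, or None when it is missing or not numeric."""
    try:
        return int(str(value).strip())
    except (TypeError, ValueError):
        return None


def audit_password_profiles(settings, uses_bi_publisher):
    """Return a list of (setting, message) findings; empty means compliant."""
    findings = []

    # Case sensitivity must be Insensitive only when BI Publisher Programs are used.
    case = str(settings.get("password_case", "")).strip().lower()
    if uses_bi_publisher and case != "insensitive":
        findings.append(("password_case", "must be Insensitive for BI Publisher single sign-on"))

    length = _as_int(settings.get("password_length"))
    if length is None:
        findings.append(("password_length", "missing or not numeric"))
    elif length < 8:
        findings.append(("password_length", f"{length} is below the recommended 8"))

    if str(settings.get("hard_to_guess", "")).strip().lower() != "yes":
        findings.append(("hard_to_guess", "recommended setting is Yes"))

    if _as_int(settings.get("local_login_mask")) != 40:
        findings.append(("local_login_mask", "recommended setting is 40"))

    reuse = _as_int(settings.get("password_reuse_days"))
    if reuse is None:
        findings.append(("password_reuse_days", "missing or not numeric"))
    elif reuse == 0:
        findings.append(("password_reuse_days", "0 places no restriction on password reuse"))

    return findings


# Constructed sample: the default length of 5 and a reuse value of 0.
SAMPLE = {"password_case": "Sensitive", "password_length": "5",
          "hard_to_guess": "No", "local_login_mask": "40",
          "password_reuse_days": "0"}

if __name__ == "__main__":
    for name, message in audit_password_profiles(SAMPLE, uses_bi_publisher=True):
        print(f"{name}: {message}")
```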