Shulou(Shulou.com)05/31 Report--

This article focuses on "delayed verification of Oracle database passwords". Interested friends may wish to have a look at it. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn the delayed verification of Oracle database passwords.

Password delay verification official documentation description:

Oracle ®Database Security Guide 11g Release 1

Preventing passwords from being broken. If a user tries to login to Oracle Database multiple times using an incorrect password, Oracle Database delays each login. This protection applies for attempts made from different IP addresses or multiple client connections. Afterwards, it gradually increases the time before the user can try another password, up to a maximum of about 10 seconds. If the user enters the correct password, he or she is able to log in successfully without any delay.

This feature significantly decreases the number of passwords that an intruder would be able to try within a fixed time period when attempting to log in. The failed logon delay slows down each failed logon attempt, increasing the overall time that is required to perform a password-guessing attack, because such attacks usually require a very large number of failed logon attempts.

The original purpose of password delayed verification is to prevent the password from being broken violently in a short period of time. With the number of password errors, the delayed verification time will gradually increase to a maximum of 10s.

If there are a large number of event-free sessions, or library cache lock, due to password delayed authentication, you can turn off password delayed authentication on the premise of security.

Password delayed verification can be turned off in different versions with the following settings:

11g:

# setting event:event = "28401 trace name context forever,level 1" SQL > alter system set event= "28401 trace name context forever,level 1" scope=spfile;# in spfile for SYS users, you can see that this parameter is for sys users in 11g: _ sys_logon_delay 1 TRUE failed logon delay for sys SQL > alter system set "_ sys_logon_delay" = 0 scope=spfile

12c

# you can see that in 12c, this parameter has been changed to control the database instance, so you can turn off password delayed verification _ sys_logon_delay 1 TRUE The failed logon delay for the database instance by modifying this parameter. I believe you have a better understanding of "delayed verification of Oracle database passwords". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.