關於密碼重用參數PASSWORD_REUSE_TIME,PASSWORD_REUSE_MAX之間的關系及其演示

本文轉載自查看原文 2019-05-27 13:55 2331

轉自：

https://blog.51cto.com/carefree/1382811

測試環境：10.2.0.2.0
測試用戶：SCOTT
測試用的三組密碼：oracle1 oracle2 oracle3

PASSWORD_REUSE_TIME和PASSWORD_REUSE_MAX：這兩個參數必須互相關聯設置，password_reuse_time指定了密碼不能重用前的天數，而password_reuse_max則指定了當前密碼被重用之前密碼改變的次數。

總結兩者之間的規律：
(1)PASSWORD_REUSE_MAX，PASSWORD_REUSE_TIME都為UNLIMITED，密碼可以隨意重用，沒有任何限制。
(2)PASSWORD_REUSE_MAX，PASSWORD_REUSE_TIME均為指定值時，必須滿足這兩者的條件時才可以重用密碼。
(3)當PASSWORD_REUSE_MAX，PASSWORD_REUSE_TIME兩個有其中一個不為UNLIMITED，則密碼永遠不能重用。

以下為驗證過程：

--確認SCOTT使用的DEFAULT profile
SQL> select USERNAME from dba_users where PROFILE='DEFAULT' and USERNAME='SCOTT';
USERNAME
------------------------------
SCOTT

第一種情況，PASSWORD_REUSE_TIME,PASSWORD_REUSE_MAX值均為UNLIMITED

SQL>  select profile,limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_REUSE_TIME';
PROFILE                        LIMIT
------------------------------ ----------------------------------------
DEFAULT                        UNLIMITED
SQL>  select profile,limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_REUSE_MAX';
PROFILE                        LIMIT
------------------------------ ----------------------------------------
DEFAULT                        UNLIMITED
--測試
SQL> alter user scott identified by oracle;
User altered.
SQL> /
User altered.
SQL> /
User altered.

可以發現，用戶密碼可以不受限制的重用

第二種情況，PASSWORD_REUSE_TIME,PASSWORD_REUSE_MAX值均不為UNLIMITED，這里設定ASSWORD_REUSE_TIME 1/1440表示一分鍾后可以重用，PASSWORD_REUSE_MAX 1表示密碼更新過一次即可重用。

SQL> alter profile DEFAULT limit PASSWORD_REUSE_MAX 1;
Profile altered.
SQL> alter profile DEFAULT limit PASSWORD_REUSE_TIME 1/1440;
Profile altered.
--測試
SQL> alter user scott identified by oracle1;
User altered.
SQL> select to_char(sysdate,'yyyy-mm-dd,hh24:mi:ss') as a from dual;
A
-------------------
2014-03-20,23:40:45
SQL> alter user scott identified by oracle;
User altered.
SQL> select to_char(sysdate,'yyyy-mm-dd,hh24:mi:ss') as a from dual;
A
-------------------
2014-03-20,23:42:05
SQL> alter user scott identified by oracle1;
User altered.
SQL>  select to_char(sysdate,'yyyy-mm-dd,hh24:mi:ss') as a from dual;
A
-------------------
2014-03-20,23:42:18
--間隔不足一分鍾，更改提示失敗
SQL> alter user scott identified by oracle;
alter user scott identified by oracle
*
ERROR at line 1:
ORA-28007: the password cannot be reused
--直接用上一次的密碼更改，更改失敗
SQL> alter user scott identified by oracle1;
alter user scott identified by oracle1
*
ERROR at line 1:
ORA-28007: the password cannot be reused

由上面的實驗，我們可以看出，PASSWORD_REUSE_TIME,PASSWORD_REUSE_MAX值均不為UNLIMITED，必須同時滿足這兩個條件才可以更改密碼。

第三種情況，PASSWORD_REUSE_TIME 為UNLIMITED，PASSWORD_REUSE_MAX為1

SQL> alter profile DEFAULT limit PASSWORD_REUSE_TIME unlimited;
Profile altered.
--測試
SQL>  alter user scott identified by oracle1;
alter user scott identified by oracle1
*
ERROR at line 1:
ORA-28007: the password cannot be reused
SQL> alter user scott identified by oracle2;
User altered.
SQL> alter user scott identified by oracle1;
alter user scott identified by oracle1
*
ERROR at line 1:
ORA-28007: the password cannot be reused
SQL> alter user scott identified by oracle;
alter user scott identified by oracle
*
ERROR at line 1:
ORA-28007: the password cannot be reused

由此可以看出，當PASSWORD_REUSE_TIME 為UNLIMITED，PASSWORD_REUSE_MAX為指定值，密碼在任何時候都不可以重用。

第四種情況，PASSWORD_REUSE_MAX 為UNLIMITED，PASSWORD_REUSE_TIME為1/1440。

SQL> alter profile DEFAULT limit PASSWORD_REUSE_MAX unlimited;
Profile altered.
SQL> alter profile DEFAULT limit PASSWORD_REUSE_TIME 1/1440;
Profile altered.
SQL> select to_char(sysdate,'yyyy-mm-dd,hh24:mi:ss') as a from dual;
A
-------------------
2014-03-20,23:50:16
SQL> select to_char(sysdate,'yyyy-mm-dd,hh24:mi:ss') as a from dual;
A
-------------------
2014-03-20,23:53:10
SQL> alter user scott identified by oracle2;
alter user scott identified by oracle2
*
ERROR at line 1:
ORA-28007: the password cannot be reused
SQL> alter user scott identified by oracle1;
alter user scott identified by oracle1
*
ERROR at line 1:
ORA-28007: the password cannot be reused
SQL> alter user scott identified by oracle;
alter user scott identified by oracle
*
ERROR at line 1:
ORA-28007: the password cannot be reused
SQL> alter user scott identified by oracle4;
User altered.
SQL> alter user scott identified by oracle;
alter user scott identified by oracle
*
ERROR at line 1:
ORA-28007: the password cannot be reused

從上面的實驗可以看出，當PASSWORD_REUSE_MAX為UNLIMITED，PASSWORD_REUSE_TIME為指定值，密碼在任何時候都不可以重用。

免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。

猜您在找 TableViewCell reuse 重用我認為的正確理解與使用方法 Linux下TIME_WAIT連接優化內核參數tcp_tw_reuse與tcp_tw_recycle區別與聯系淺析 ALV-REUSE_ALV_GRID_DISPLAY_LVC詳細參數屬性 Password Spraying/密碼噴灑密碼硬編碼（Password Management: Hardcoded Password）密碼（password）的顯示隱藏 TOTP：Time-based One-time Password Algorithm（基於時間的一次性密碼算法） Password Management:Hardcoded Password 密碼管理：硬編碼密碼密碼游戲(password.cpp) 找回密碼forget_password