Oracle数据库密码的延迟验证方式

本篇内容主要讲解“Oracle数据库密码的延迟验证方式”,感兴趣的朋友不妨来看看。本文介绍的方法操作简单快捷,实用性强。下面就让小编来带大家学习“Oracle数据库密码的延迟验证方式”吧!

成都创新互联专注于巴彦淖尔企业网站建设,响应式网站,商城网站建设。巴彦淖尔网站建设公司,为巴彦淖尔等地区提供建站服务。全流程定制制作,专业设计,全程项目跟踪,成都创新互联专业和态度为您提供的服务

密码延迟验证官方文档说明:

Oracle® Database Security Guide 11g Release 1 (11.1)

Preventing passwords from being broken. If a user tries to log in to Oracle Database multiple times using an incorrect password, Oracle Database delays each login. This protection applies for attempts made from different IP addresses or multiple client connections. Afterwards, it gradually increases the time before the user can try another password, up to a maximum of about 10 seconds. If the user enters the correct password, he or she is able to log in successfully without any delay.

This feature significantly decreases the number of passwords that an intruder would be able to try within a fixed time period when attempting to log in. The failed logon delay slows down each failed logon attempt, increasing the overall time that is required to perform a password-guessing attack, because such attacks usually require a very large number of failed logon attempts.

密码延迟验证初衷是为了防止密码在短时间内被暴力破解,随着密码输入错误次数,延迟验证时间会逐步增加一直到最大10s。

如果由于密码延迟验证导致了大量的无event的会话,或library cache lock,可以保证安全前提下,关闭密码延迟验证。

在不同版本可以通过如下设置关闭密码延迟验证:

11g:

# 在spfile中设置event:event = "28401 trace name context forever,level 1"
SQL> alter system set event="28401 trace name context forever,level 1" scope=spfile;
# 针对SYS用户,可以看到在11g中该参数是针对sys用户:
_sys_logon_delay      1     TRUE   failed logon delay for sys     
SQL> alter system set "_sys_logon_delay"=0 scope=spfile;

12c

# 可以看到12c中,该参数已经变更为控制数据库实例,所以可以通过修改该参数关闭密码延迟验证
_sys_logon_delay    1   TRUE   The failed logon delay for the database instance

到此,相信大家对“Oracle数据库密码的延迟验证方式”有了更深的了解,不妨来实际操作一番吧!这里是创新互联网站,更多相关内容可以进入相关频道进行查询,关注我们,继续学习!


网站标题:Oracle数据库密码的延迟验证方式
转载来于:http://azwzsj.com/article/pghpoj.html