Oracle login - expire passwords 
Author Message
 Oracle login - expire passwords

I wrote exactly this code for Egghead.com when We (ONSALE.COM)
bought them...  sorry, I can't give you code, but I can give concepts...

(keep in mind, Oracle has no native means for doing ANY of ththis stuff)

I created/accessed a file on the server where the application was stored
to maintain the UserName, Status of the password, and Date of Change.
I used a simple ASCII addition encryption, which should be good enough
(unless you want to use a hash algorithym...)

I then created a loader program.  This program was the password
verification code, which went to the file server, opened the file, looked
for the UserName, and compared the Date/Time to Now...  If it was older
than 2 weeks, the status was not OKtoRUN, or if it did not exist, it loaded
and
displayed a form asking for the old password and the new one (Twice).

It was decided to that we should have password administrators
at the manager level, in case someone forgot their password, they
would not need to seek the help of a DBA to change their password.

So we gave managers a special Oracle privelege that allowed them to change
other users passwords.  We wrote two versions of the password app.
Using conditional compilation we were able to use the same source.
One version only allowed normal users to change passwords.  If the
password they were trying to change had the special Admin privelege
then the normal app would refuse to change the password.  This prevents
normal users from changing an administrators password.  The second,
first validated the manager, and upon success asked for the user name and
new password of the  person to change.

The loader app upon successful change of the password would write an update
to that persons account into the network encrypted file and would then
shell the real application, using arguments to pass the users information so
that they did not have to log in twice...

Three password change failures and the account would be set to Lock Out
by the software in the network text file.  The application would not launch
but they could still gain access to the change utility (loader program) by
re-opening the link to the loader.

Hope this helps...  btw, the whole thing took about 2.5 days of my time to
create
design, code and rollout with testing.

Dennis Nagel
Un-Emp - Will Code for food...


Does anyone have sample code they can share for connecting to Oracle?  I am
looking to enhance our simple login form, with checks for expiring
passwords, and password complexity.  Basically to enhance the security.
These are the items I wish to add.

1) block / unblock users
2) expire users by date
3) inactive block
4) # days to force password change
5) 1st access, force password change
6) case sensitive password



Sun, 27 Jun 2004 02:03:21 GMT
 
 [ 1 post ] 

 Relevant Pages 

1. problem oracle ado set new password for expired one

2. Connecting Oracle with a PASSWORD EXPIRE parameter.

3. Oracle ODBC and expired passwords

4. Oracle 8 Expiring Passwords ?

5. Windows NT Oracle - default login & password

6. Windows NT Oracle - default login & password

7. Oracle 8 default dba login and password

8. help login Oracle/passwords etc

9. unique password for UNIX login AND oracle

10. login timeout expired

11. Microsoft SQL Server Login-Connection Failed-Microsoft ODBC Driver-Timeout Expired

12. login timeout expired


 
Powered by phpBB® Forum Software