今天需要在測試環境中做一些效能測試，為了不影響原有的資料，準備建立一個臨時的schema。但是建立的時候報瞭如下的錯誤。 SQL> create user mig_perf identified by mig_perf; create user mig_perf identified by mig_perf * ERROR at line 1: ORA-28003: password verification for the specified password failed ORA-20002: Password same as or similar to user 第一感覺就是開啟了密碼的校驗，11g裡面有一個新特性的關於密碼的大小寫敏感的，會不會有關聯呢。似乎有些牽強，但是目前是false選項，表示不對大小寫敏感。 SQL> show parameter sen NAME TYPE VALUE ------------------------------------ ----------- ------------------------------ sec_case_sensitive_logon boolean FALSE

如果還有問題，就需要從profie的角度入手了，比如登入密碼超過10次，賬戶就會鎖定，這些都是在profile裡面配置的。 來看看能得到什麼資訊。 select *from dba_profiles order by profile; SQL> / PROFILE RESOURCE_NAME RESOURCE LIMIT ------------------------------ -------------------------------- -------- ---------------------------------------- DBAMON_PF1 COMPOSITE_LIMIT KERNEL UNLIMITED DBAMON_PF1 SESSIONS_PER_USER KERNEL 10 DBAMON_PF1 CPU_PER_SESSION KERNEL UNLIMITED DBAMON_PF1 CPU_PER_CALL KERNEL UNLIMITED DBAMON_PF1 LOGICAL_READS_PER_SESSION KERNEL UNLIMITED DBAMON_PF1 LOGICAL_READS_PER_CALL KERNEL UNLIMITED DBAMON_PF1 IDLE_TIME KERNEL UNLIMITED DBAMON_PF1 CONNECT_TIME KERNEL UNLIMITED DBAMON_PF1 PRIVATE_SGA KERNEL DEFAULT DBAMON_PF1 FAILED_LOGIN_ATTEMPTS PASSWORD 10 DBAMON_PF1 PASSWORD_LIFE_TIME PASSWORD UNLIMITED DBAMON_PF1 PASSWORD_REUSE_TIME PASSWORD UNLIMITED DBAMON_PF1 PASSWORD_REUSE_MAX PASSWORD UNLIMITED DBAMON_PF1 PASSWORD_VERIFY_FUNCTION PASSWORD VERIFY_FUNCTION DBAMON_PF1 PASSWORD_LOCK_TIME PASSWORD .0106 DBAMON_PF1 PASSWORD_GRACE_TIME PASSWORD UNLIMITED DEFAULT COMPOSITE_LIMIT KERNEL UNLIMITED DEFAULT SESSIONS_PER_USER KERNEL UNLIMITED DEFAULT CPU_PER_SESSION KERNEL UNLIMITED DEFAULT CPU_PER_CALL KERNEL UNLIMITED DEFAULT LOGICAL_READS_PER_SESSION KERNEL UNLIMITED DEFAULT LOGICAL_READS_PER_CALL KERNEL UNLIMITED DEFAULT IDLE_TIME KERNEL UNLIMITED DEFAULT CONNECT_TIME KERNEL UNLIMITED DEFAULT PRIVATE_SGA KERNEL UNLIMITED DEFAULT FAILED_LOGIN_ATTEMPTS PASSWORD 10 DEFAULT PASSWORD_LIFE_TIME PASSWORD 180 DEFAULT PASSWORD_REUSE_TIME PASSWORD UNLIMITED DEFAULT PASSWORD_REUSE_MAX PASSWORD UNLIMITED DEFAULT PASSWORD_VERIFY_FUNCTION PASSWORD VERIFY_FUNCTION_11G DEFAULT PASSWORD_LOCK_TIME PASSWORD 1 DEFAULT PASSWORD_GRACE_TIME PASSWORD 7 我建立的新使用者，沒有指定profile，所以會是預設的default profile，對應的"PASSWORD_VERIFY_FUNCTION" 有一些差別。 看來是對於密碼安全的加強，來看看相關的簡單測試，看看密碼驗證還都做了那些校驗。 SQL> create user mig_perf identified by mig_perf1; create user mig_perf identified by mig_perf1 * ERROR at line 1: ORA-28003: password verification for the specified password failed ORA-20005: Password same as or similar to user name SQL> create user mig_perf identified by abc; create user mig_perf identified by abc * ERROR at line 1: ORA-28003: password verification for the specified password failed ORA-20001: Password length less than 8 SQL> create user mig_perf identified by abcabc12; User created. SQL> drop user mig_perf; User dropped. 當然了“PASSWORD VERIFY_FUNCTION_11G”其實是一個function來實現的。具體的細節可以在$ORACLE_HOME/rdbms/admin/utlpwdmg.sql中檢視。 > ls -lrt utlpwd* -rw-r--r-- 1 oraccbs1 dba 11555 Aug 13 2006 utlpwdmg.sql -- This script sets the default password resource parameters -- This script needs to be run to enable the password features. -- However the default resource parameters can be changed based -- on the need. -- A default password complexity function is also provided. -- This function makes the minimum complexity checks like -- the minimum length of the password, password not same as the -- username, etc. The user may enhance this function according to -- the need. -- This function must be created in SYS schema. -- connect sys/<password> as sysdba before running the script CREATE OR REPLACE FUNCTION verify_function_11G (username varchar2, password varchar2, old_password varchar2) RETURN boolean IS n boolean; m integer; differ integer; isdigit boolean; ischar boolean; ispunct boolean; db_name varchar2(40); digitarray varchar2(20); punctarray varchar2(25); chararray varchar2(52); i_char varchar2(10); simple_password varchar2(10); reverse_user varchar2(32); BEGIN digitarray:= '0123456789'; chararray:= 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; 。。。。 而且在11g的資料字典裡也有所體現，可以看到如下的使用者密碼是10g,11g的 在dba_users中有一列 password_version ****************************************************************************************************** * General Details * ****************************************************************************************************** USERNAME Default Tablespace CREATED PROFILE PASSWORD_V ------------------------- -------------------- --------- ---------- ---------- MIG_PERF DATAS01 31-MAR-14 DEFAULT 10G 11G 一些相關的連結如下： How To Enforce Mixed Case Passwords When sec_case_sensitive_logon = true? (Doc ID 1307555.1) ORA-603 ORA-604 ORA-1001 ORA-28003 when PASSWORD_VERIFY_FUNCTION Returns FALSE (Doc ID 1264842.1) --這是一個11.2.0.2以前的bug ORA-28003 Error When Use 'Password Complexity Verification' (Doc ID 132096.1) --alter user identified by 錯誤的WA