Skip to Main Content
  • Questions

  • Prevent locking of user at login time

Breadcrumb

Question and Answer

Chris Saxon

Thanks for the question, Amarnath.

Asked: July 22, 2016 - 10:28 am UTC

Last updated: July 22, 2016 - 2:02 pm UTC

Version: 10g

Viewed 10K+ times! This question is

You Asked

Sir, I give username and password in oracle to connect with the database,
if I give wrong password to username upto certain counts it locks user.

Sir, what can I do to prevent lock if I give wrong password as many times
i.e; User should not be locked after attempting too many times for login,

Please help me sir

thank you.

and Chris said...

You can change the number of password attempts using profiles. These enable you to set various password properties, such as the how many times they can get it wrong, how often it expires, etc.

To allow them unlimited incorrect password tries, set the failed_login_attempts to unlimited:

create profile umlimited_attempts limit
  failed_login_attempts unlimited;
 
create user u identified by u;
alter user u profile umlimited_attempts;


But...

Limiting the number of password attempts a user can make is A Good Thing. If you disable it then you make it easy for someone to figure out the password by brute force. This is A Bad Thing. Particularly if you're using weak passwords.

Is this answer out of date? If it is, please let us know via a Comment
more

Connor and Chris don't just spend all day on AskTOM. You can also catch regular content via Connor's blog and Chris's blog. Or if video is more your thing, check out Connor's channel and Chris's channel from their Youtube channels. And of course, keep up to date with AskTOM via the official twitter account.