Password Files   «Prev  Next»

Lesson 11 Rebuilding the password file
Objective Rebuild the password file for the COIN database.

Rebuilding the Password File

Why rebuild the password file?

There are times when you may need to rebuild the password file for a database. The most likely reason is to increase DBAs above the number you allotted when you created the file. Recreating the password file is not a particularly onerous task, but it does require you to shut down and restart the database. The following steps explain how to rebuild a password file.

Steps to follow

  1. Select a list of current password file entries from the v$pwfile_users view. Save this list for later reference.
  2. Shut down the database.
  3. Delete the existing password file.
  4. Create a new password file with the number of entries you want.
  5. Restart the database.
  6. Connect as an INTERNAL user.
  7. Using the list you made earlier as a reference, grant SYSDBA and SYSOPER privileges to the appropriate users.

The key to the rebuild process is the list that you made in Step 1. Deleting and recreating the password file results in a file that has entries only for the INTERNAL and SYS users. You need to re-enter all the other DBA users, which you can easily do if you make a list ahead of time.

Password File Rebuilding - Steps

Before you move on to the next module, click the Exercise button to do an ordering exercise covering the rebuild process.
Password File Rebuilding - Steps

New Password Protections

Oracle Database now includes the following new password protections:
  1. Easy ability to find default passwords. If you have upgraded from an earlier release of Oracle Database, you may have user accounts that still have default passwords. For greater security, you should find and change these passwords.
  2. Password complexity verification. Password complexity verification ensures that users set complex passwords when setting or resetting passwords. You can enforce password complexity by using the default settings provided by Oracle Database, or create custom requirements to further secure the password complexity requirements for your site.
  3. Enforced case sensitivity.
  4. Stronger password hashing algorithm. This enhancement enables users to create passwords that contain mixed case or special characters.