重庆分公司,新征程启航
为企业提供网站建设、域名注册、服务器等服务
本篇内容主要讲解“Oracle数据库密码的延迟验证方式”,感兴趣的朋友不妨来看看。本文介绍的方法操作简单快捷,实用性强。下面就让小编来带大家学习“Oracle数据库密码的延迟验证方式”吧!
创新互联主要从事网站制作、成都网站建设、网页设计、企业做网站、公司建网站等业务。立足成都服务宁洱,10余年网站建设经验,价格优惠、服务专业,欢迎来电咨询建站服务:18982081108密码延迟验证官方文档说明:
Oracle® Database Security Guide 11g Release 1 (11.1)
Preventing passwords from being broken. If a user tries to log in to Oracle Database multiple times using an incorrect password, Oracle Database delays each login. This protection applies for attempts made from different IP addresses or multiple client connections. Afterwards, it gradually increases the time before the user can try another password, up to a maximum of about 10 seconds. If the user enters the correct password, he or she is able to log in successfully without any delay.
This feature significantly decreases the number of passwords that an intruder would be able to try within a fixed time period when attempting to log in. The failed logon delay slows down each failed logon attempt, increasing the overall time that is required to perform a password-guessing attack, because such attacks usually require a very large number of failed logon attempts.
密码延迟验证初衷是为了防止密码在短时间内被暴力破解,随着密码输入错误次数,延迟验证时间会逐步增加一直到大10s。
如果由于密码延迟验证导致了大量的无event的会话,或library cache lock,可以保证安全前提下,关闭密码延迟验证。
在不同版本可以通过如下设置关闭密码延迟验证:
11g:
# 在spfile中设置event:event = "28401 trace name context forever,level 1" SQL> alter system set event="28401 trace name context forever,level 1" scope=spfile; # 针对SYS用户,可以看到在11g中该参数是针对sys用户: _sys_logon_delay 1 TRUE failed logon delay for sys SQL> alter system set "_sys_logon_delay"=0 scope=spfile;
12c
# 可以看到12c中,该参数已经变更为控制数据库实例,所以可以通过修改该参数关闭密码延迟验证 _sys_logon_delay 1 TRUE The failed logon delay for the database instance
到此,相信大家对“Oracle数据库密码的延迟验证方式”有了更深的了解,不妨来实际操作一番吧!这里是创新互联网站,更多相关内容可以进入相关频道进行查询,关注我们,继续学习!