6 comments on “PASSWORD_REUSE_TIME and PASSWORD_REUSE_MAX

i found this with oracle 11.2.0.1 for linux , i didn’t know this is an old bug.
thx for sharing

Simple Explanation –

PASSWORD_REUSE_TIME and PASSWORD_REUSE_MAX

These two parameters must be set in conjunction with each other. PASSWORD_REUSE_TIME specifies the number of days before which a password cannot be reused. PASSWORD_REUSE_MAX specifies the number of password changes required before the current password can be reused. For these parameter to have any effect, you must specify an integer for both of them.

Source – Oracle Docs.[c[color=black][/color]olor=olive][/color]

Why do repeat the Oracle Doc’s which is already in the text? The problem is OEM related. You should read the whole text. Thank you.

Thanks. I thought I going crazy.

If you want to have the effect of setting a limit on the number of reused passwords but not on how long ago the old one was reused, you can set password_reuse_time to as close to 0 as possible. I find that the smallest is 1/172800, regardless Oracle version. That’s half a second. Obviously, if you or a program wants to cycle through 4 passwords in 0.5 seconds, the restriction imposed by password_reuse_time still takes effect.

If both PASSWORD_REUSE_TIME and PASSWORD_REUSE_MAX are set to UNLIMITED, then Oracle uses neither of these password resources.
* If PASSWORD_REUSE_MAX is set to an integer value, PASSWORD_REUSE_TIME must be set to UNLIMITED.

Leave a Reply

Your email address will not be published. Required fields are marked *

What can CarajanDB do for you?