Category: Oracle

2009-08-26 10:43:35

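Password Management Settings in Oracle

Oracle lets you enforce password security through the password-management settings of a profile. The steps below show how to configure them.

*  Query the current state of the password-management parameters

SQL> select * from dba_profiles;

*  Create a profile with password-management limits, for example

SQL> create profile TEST_PROFILE limit failed_login_attempts 3;

SQL> create user TESTUSER identified by test1234 profile TEST_PROFILE;

SQL> grant connect to TESTUSER;

If TESTUSER now connects with a wrong password 3 times, the account is locked automatically; after that, even a connection attempt with the correct password returns the following message: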

ERROR:ORA-28000: the account is locked

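*  PASSWORD_VERIFY_FUNCTION names a function that can be used to check password complexity, for example the length and the composition of the password.

-  Depending on the password complexity you want to enforce, modify the file $ORACLE_HOME/rdbms/admin/utlpwdmg.sql (the parts in red are the values that were set):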

===================================
Rem
Rem $Header: utlpwdmg.sql 31-aug-2000.11:00:47 nireland Exp $
Rem
Rem utlpwdmg.sql
Rem
Rem  Copyright (c) Oracle Corporation 1996, 1997. All Rights Reserved.
Rem
Rem    NAME
Rem      utlpwdmg.sql - script for Default Password Resource Limits
Rem
Rem    DESCRIPTION
Rem      This is a script for enabling the password management features
Rem      by setting the default password resource limits.
Rem
Rem    NOTES
Rem      This file contains a function for minimum checking of password
Rem      complexity. This is more of a sample function that the customer
Rem      can use to develop the function for actual complexity checks that the
Rem      customer wants to make on the new password.
Rem
Rem    MODIFIED   (MM/DD/YY)
Rem    nireland    08/31/00 - Improve check for username=password. #1390553
Rem    asurpur     04/17/97 - Fix for bug479763
Rem    asurpur     12/12/96 - Changing the name of password_verify_function
Rem    asurpur     05/30/96 - New script for default password management
Rem    asurpur     05/30/96 - Created
Rem

-- This script sets the default password resource parameters
-- This script needs to be run to enable the password features.
-- However the default resource parameters can be changed based
-- on the need.
-- A default password complexity function is also provided.
-- This function makes the minimum complexity checks like
-- the minimum length of the password, password not same as the
-- username, etc. The user may enhance this function according to
-- the need.
-- This function must be created in SYS schema.
-- connect sys/<password> as sysdba before running the script

CREATE OR REPLACE FUNCTION verify_function
(username varchar2,
  password varchar2,
  old_password varchar2)
  RETURN boolean IS
   n boolean;
   m integer;
   differ integer;
   isdigit boolean;
   ischar  boolean;
   ispunct boolean;
   digitarray varchar2(20);
   punctarray varchar2(25);
   chararray varchar2(52);

BEGIN
   digitarray:= '0123456789';
   chararray:= 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
   punctarray:='!"#$%&()``*+,-/:;<=>?_';

   -- Check if the password is same as the username
   IF NLS_LOWER(password) = NLS_LOWER(username) THEN
     raise_application_error(-20001, 'Password same as or similar to user');
   END IF;

   -- Check for the minimum length of the password
   IF length(password) < 8 THEN
      raise_application_error(-20002, 'Password length less than 8');
   END IF;

   -- Check if the password is too simple. A dictionary of words may be
   -- maintained and a check may be made so as not to allow the words
   -- that are too simple for the password.
   IF NLS_LOWER(password) IN ('welcome', 'database', 'account', 'user',
                              'password', 'oracle', 'computer', 'abcd') THEN
      raise_application_error(-20002, 'Password too simple');
   END IF;

   -- Check if the password contains at least one letter, one digit and one
   -- punctuation mark.
   -- 1. Check for the digit
   isdigit:=FALSE;
   m := length(password);
   FOR i IN 1..10 LOOP
      FOR j IN 1..m LOOP
         IF substr(password,j,1) = substr(digitarray,i,1) THEN
            isdigit:=TRUE;
             GOTO findchar;
         END IF;
      END LOOP;
   END LOOP;
   IF isdigit = FALSE THEN
      raise_application_error(-20003, 'Password should contain at least one digit, one character and one punctuation');
   END IF;
   -- 2. Check for the character
   <<findchar>>
   ischar:=FALSE;
   FOR i IN 1..length(chararray) LOOP
      FOR j IN 1..m LOOP
         IF substr(password,j,1) = substr(chararray,i,1) THEN
            ischar:=TRUE;
             GOTO findpunct;
         END IF;
      END LOOP;
   END LOOP;
   IF ischar = FALSE THEN
      raise_application_error(-20003, 'Password should contain at least one digit, one character and one punctuation');
   END IF;
   -- 3. Check for the punctuation
   <<findpunct>>
   ispunct:=FALSE;
   FOR i IN 1..length(punctarray) LOOP
      FOR j IN 1..m LOOP
         IF substr(password,j,1) = substr(punctarray,i,1) THEN
            ispunct:=TRUE;
             GOTO endsearch;
         END IF;
      END LOOP;
   END LOOP;
   IF ispunct = FALSE THEN
      raise_application_error(-20003, 'Password should contain at least one digit, one character and one punctuation');
   END IF;

   <<endsearch>>
   -- Check if the password differs from the previous password by at least
   -- 3 letters
   -- Note: Oracle treats '' as NULL, so this comparison never evaluates to TRUE
   IF old_password = '' THEN
      raise_application_error(-20004, 'Old password is null');
   END IF;
   -- Start from the difference in length, then count differing positions
   differ := length(old_password) - length(password);

   IF abs(differ) < 3 THEN
      IF length(password) < length(old_password) THEN
         m := length(password);
      ELSE
         m := length(old_password);
      END IF;
      differ := abs(differ);
      FOR i IN 1..m LOOP
          IF substr(password,i,1) != substr(old_password,i,1) THEN
             differ := differ + 1;
          END IF;
      END LOOP;
      IF differ < 3 THEN
          raise_application_error(-20004, 'Password should differ by at least 3 characters');
      END IF;
   END IF;
   -- Everything is fine; return TRUE ;
   RETURN(TRUE);
END;
/

-- This script alters the default parameters for Password Management
-- This means that all the users on the system have Password Management
-- enabled and set to the following values unless another profile is
-- created with parameter values set to different value or UNLIMITED
-- is created and assigned to the user.
-- The following sets the password-management parameters (adjust to your requirements)
ALTER PROFILE DEFAULT LIMIT
PASSWORD_LIFE_TIME 60
PASSWORD_GRACE_TIME 10
PASSWORD_REUSE_TIME 1800
PASSWORD_REUSE_MAX UNLIMITED
FAILED_LOGIN_ATTEMPTS 3
PASSWORD_LOCK_TIME 1/1440
PASSWORD_VERIFY_FUNCTION verify_function;
=================================

 

-  SQL> @$ORACLE_HOME/rdbms/admin/utlpwdmg.sql

     Function created

     Profile altered

-  SQL> select * from dba_profiles where resource_type='PASSWORD';

PROFILE    RESOURCE_NAME              RESOURCE   LIMIT
---------- -------------------------- ---------- ----------------
DEFAULT    FAILED_LOGIN_ATTEMPTS      PASSWORD   3
DEFAULT    PASSWORD_LIFE_TIME         PASSWORD   90
DEFAULT    PASSWORD_REUSE_TIME        PASSWORD   1800
DEFAULT    PASSWORD_REUSE_MAX         PASSWORD   UNLIMITED
DEFAULT    PASSWORD_VERIFY_FUNCTION   PASSWORD   VERIFY_FUNCTION
DEFAULT    PASSWORD_LOCK_TIME         PASSWORD   .0006
DEFAULT    PASSWORD_GRACE_TIME        PASSWORD   10

As shown, the password-management parameters have been changed according to the file modified above.

 

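-  The following is a test

SQL> alter user testuser identified by testuser;

ORA-28003: password verification for the specified password failed

ORA-20001: Password same as or similar to user

Explanation: the file above specifies that the password must not be the same as the username, so the error above is reported.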
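The remaining rules of verify_function can be exercised the same way without changing any account's password. The anonymous block below is an added example, not part of the original post; it assumes it is run in SQL*Plus as SYS (the schema in which the script creates the function), and the candidate passwords are constructed sample values.

```sql
SET SERVEROUTPUT ON

DECLARE
  -- Call verify_function for one candidate password and print the outcome.
  -- Only the function's own application errors (-20000..-20999) are reported;
  -- anything else is re-raised.
  PROCEDURE try_pw(p_new VARCHAR2, p_old VARCHAR2) IS
    ok BOOLEAN;
  BEGIN
    ok := verify_function('TESTUSER', p_new, p_old);
    dbms_output.put_line(RPAD(p_new, 14) || ' accepted');
  EXCEPTION
    WHEN OTHERS THEN
      IF SQLCODE BETWEEN -20999 AND -20000 THEN
        dbms_output.put_line(RPAD(p_new, 14) || ' rejected: ' || SQLERRM);
      ELSE
        RAISE;
      END IF;
  END try_pw;
BEGIN
  try_pw('testuser',    'Old#pass1');  -- same as the username
  try_pw('ab#1',        'Old#pass1');  -- shorter than the minimum length
  try_pw('password',    'Old#pass1');  -- on the list of simple words
  try_pw('abcdefgh1',   'Old#pass1');  -- letters and a digit, no punctuation
  try_pw('Old#pass2',   'Old#pass1');  -- differs from the old password in one position
  try_pw('N3w_secret!', 'Old#pass1');  -- meets every rule in the function
END;
/
```

Running this after each edit of utlpwdmg.sql shows which rule fires for which input before the function is attached to a profile that real accounts use.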

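*  Disable password management

SQL> alter profile default limit failed_login_attempts unlimited password_life_time unlimited password_grace_time unlimited password_reuse_time unlimited
  2  password_reuse_max unlimited password_lock_time unlimited password_verify_function null;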
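To see which accounts end up without lockout, expiry or a complexity check, the query below resolves each user's effective password limits. It is an added example, not part of the original post; it assumes read access to dba_users and dba_profiles, and the wording in the finding column is illustrative.

```sql
-- A profile row whose LIMIT is 'DEFAULT' inherits the value of the DEFAULT
-- profile, so that value is resolved first.
WITH effective AS (
  SELECT p.profile,
         p.resource_name,
         CASE WHEN p.limit = 'DEFAULT' THEN d.limit ELSE p.limit END AS effective_limit
  FROM   dba_profiles p
  JOIN   dba_profiles d
         ON  d.profile = 'DEFAULT'
         AND d.resource_name = p.resource_name
  WHERE  p.resource_type = 'PASSWORD'
)
SELECT u.username,
       u.account_status,
       u.lock_date,
       u.profile,
       e.resource_name,
       e.effective_limit,
       CASE
         WHEN e.resource_name = 'FAILED_LOGIN_ATTEMPTS'
              AND e.effective_limit = 'UNLIMITED'
           THEN 'no lockout after failed logins'
         WHEN e.resource_name = 'PASSWORD_LIFE_TIME'
              AND e.effective_limit = 'UNLIMITED'
           THEN 'password never expires'
         WHEN e.resource_name = 'PASSWORD_VERIFY_FUNCTION'
              AND e.effective_limit IN ('NULL', 'UNLIMITED')
           THEN 'no complexity check'
       END AS finding
FROM   dba_users u
JOIN   effective e
       ON e.profile = u.profile
WHERE  e.resource_name IN ('FAILED_LOGIN_ATTEMPTS',
                           'PASSWORD_LIFE_TIME',
                           'PASSWORD_VERIFY_FUNCTION')
ORDER  BY u.username, e.resource_name;
```

Rows with a non-empty finding are accounts whose profile leaves that control switched off; lock_date is filled in for accounts that are currently locked.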
