DG0127-ORACLE11 - DBMS account passwords should not be set to easily guessed words or values - 'limit'

Information

DBMS account passwords set to common dictionary words or values render accounts vulnerable to password guessing attacks and unauthorized access.

Solution

Define and apply a Password Verify Function for all profiles where passwords are used to authenticate accounts.

See Fix information for DG0079 to create a Password Verify Function that meets STIG requirements.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip

Item Details

References: CAT|II, Rule-ID|SV-24792r1_rule, STIG-ID|DG0127-ORACLE11, Vuln-ID|V-15634

Plugin: OracleDB

Control ID: f57642e24e5ea5c350e14ad7ef6c98665d5fa947ef4c02c2c72d2fd73cdb272c