The document outlines various exercises related to database security management, specifically focusing on user profile creation and password policies. It includes SQL commands for creating user profiles, modifying limits for password validity, and implementing security features like session controls and password verification functions. Additional tasks involve managing user accounts, including locking and unlocking them, as well as ensuring password security protocols are followed.

1. Database Security
https://www.oercommons.org/authoring/21663-database-security
Dr. Girija Narasimhan 1
OER- UNIT 2 User Profile
Exercise Solution

2. Question 1
1. Create Profile name as "HR_Manager_Prof", in this profile apply the following limits
- Password validity is 3 months
- Fifteen days before the password validity expiry the user get proper information.
- User is allowed to try three incorrect password attempts
- If incorrect password attempt exist then it will lock the user account two days
Ans:
SQL> create profile HR_Manager_Prof limit
2 PASSWORD_LIFE_TIME 90
3 PASSWORD_GRACE_TIME 15
4 FAILED_LOGIN_ATTEMPTS 3
5 PASSWORD_LOCK_TIME 2;
Profile created.
Dr. Girija Narasimhan 2

3. Question 2
Dr. Girija Narasimhan 3
Create the user Induja and assign the profile the HR_Manager_Prof to her. Display the assigned profile to user
Induja.
Ans:
create user Induja IDENTIFIED by Indu;
alter user induja profile HR_Manager_Prof;
or
create user Induja IDENTIFIED by Indu
profile HR_Manager_Prof;
grant create session to Induja ;
or
grant create session to induja identified by indu profile HR_Manager_prof;
SQL> select username, profile from dba_users where username='INDUJA';
USERNAME PROFILE
------------------------------ ------------------------------
INDUJA HR_MANAGER_PROF

4. Question 3
Modify the HR_Manager_Prof profile include the following limits,
- User is allow to work two concurrent session.
- User is allowed for only 60 minutes per session
- Change the user lock time is 6 hours
Ans:
Alter profile HR_Manager_Prof limit
sessions_per_user 2
connect_time 60
password_lock_time 6/24;
Dr. Girija Narasimhan 4

5. Question 4
Display password created, expired date information
Ans:
SQL> select created,expiry_date from dba_users where username = 'INDUJA';
CREATED EXPIRY_DATE
------------- ---------------
08-MAY-17 06-AUG-17
Dr. Girija Narasimhan 5
Question 5
Which date and time the user recently changed the password?
Ans:
Alter session set NLS_DATE_FORMAT='DD-MON-YYYY HH24:MI:SS';
SELECT PTIME FROM SYS.USER$ WHERE NAME='INDUJA';

6. Question 6
Change the user password should not be case sensitive.
Ans:
ALTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON = FALSE;
Dr. Girija Narasimhan 6
Question 7
Prohibit the user Induja to access database?
Ans:
Alter user induja account lock;
Release access deny of the user Induja
Ans:
alter user induja account unlock;
Question 8

7. Dr. Girija Narasimhan 7
Question 9
Ans:
CREATE OR REPLACE FUNCTION pwdverify
(username varchar2,
password varchar2,
old_password varchar2)
RETURN boolean IS
n boolean;
m integer;
differ integer;
isdigit boolean;
ischar boolean;
ispunct boolean;
db_name varchar2(40);
digitarray varchar2(20);
punctarray varchar2(25);
chararray varchar2(52);
i_char varchar2(10);
simple_password varchar2(10);
reverse_user varchar2(32);

8. Dr. Girija Narasimhan 8
BEGIN
digitarray:= '0123456789';
chararray:= 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
-- Check if the password is same as the username or username(1-100)
IF NLS_LOWER(password) = NLS_LOWER(username) THEN
raise_application_error(-20002, 'Password same as or similar to user');
END IF;
FOR i IN 1..100 LOOP
i_char := to_char(i);
if NLS_LOWER(username)|| i_char = NLS_LOWER(password) THEN
raise_application_error(-20005, 'Password same as or similar to user name ');
END IF;
END LOOP;
RETURN(TRUE);
END;
/
Question 9 (Cont.)

9. Dr. Girija Narasimhan 9
alter profile HR_Manager_Prof limit
password_verify_function pwdverify;
Alter user induja profile HR_Manager_prof;
Question 9 (Cont.)
User never allow to reuse the same password
Ans:
alter profile HR_Manager_Prof limit
password_reuse_time 2
password_reuse_max unlimited;
Question 10

10. Dr. Girija Narasimhan 10
Remove HR_Manager_Prof profile from user Induja
Ans:
ALTER USER INDUJA PROFILE DEFAULT;
Question 12
Whenever the user Induja login her session first attempts, the user must type the new password.
Ans:
ALTER USER INDUJA PASSWORD EXPIRE;
Question 11