CREATE OR REPLACE NONEDITIONABLE FUNCTION "SYS"."VERIFY_PWD_GENERAL" ( username varchar2, password varchar2, old_password varchar2) return boolean IS differ integer; lang varchar2(512); message varchar2(512); ret number; minimum_age number :=1; -- cannot change password when its age in days is less than this last_change sys.user$.ptime%type; expired_time sys.user$.exptime%type; begin -- Get the cur context lang and use utl_lms for messages- Bug 22730089 lang := sys_context('userenv','lang'); lang := substr(lang,1,instr(lang,'_')-1); -- Password cannot be equal to User ID if lower(password) = lower(username) then raise_application_error(-20000, 'Password must be different from user name'); end if; if not ora_complexity_check(password, chars => 8, upper => 1, lower => 1, digit => 1, special => 1) then return(false); end if; /* -- Check if the password differs from the previous password by at least 8 characters if old_password is not null then differ := ora_string_distance(old_password, password); if differ < 8 then ret := utl_lms.get_message(28211, 'RDBMS', 'ORA', lang, message); raise_application_error(-20000, utl_lms.format_message(message, 'eight' )); end if; end if; */ /* Dictionary table sys.user$ column definition NAME ??? name for user or role TYPE# ??? 0 for role or 1 for user CTIME ??? the date of creation PTIME ??? the date the password was last changed EXPTIME ??? the date the password has last expired LTIME ??? the date the resource was last locked LCOUNT ??? number of failed logon */ begin select ptime, exptime into last_change, expired_time from sys.user$ where name=username; if (sysdate - last_change < minimum_age) and expired_time > sysdate -- also having future expiry time. User can chan ge its pwd anytime if not expired then raise_application_error(-20010, 'Password changed too soon'); END IF; EXCEPTION WHEN NO_DATA_FOUND -- when a user is initially created with this profile att ached, there's no record in the sys.user$ table yet. Proceed to next step. THEN return (true); end; return(true); end;