Profile Limit:

Password resource type:

Password Life time:

Like in some banks in internet banking they say that the password will expire after like 60 days for security. That setting is in database level and we can set that up.

This means that after 180 days the password of the user with default profile will last for 180 days. After that the user will need to change the password.

Password Reuse Time: (?)

Sometimes in case of internet banking or others etc there is a setting that tells use that we cannot reuse the password we used last time. This setting is also a database level setting. It tells that user can't use the same password used last time. Here is the value is unlimited. But if the value of this parameter is 3. Then it would mean that user can't use the same password it used last 3 times.

---

Password Reuse Max: (?)

This parameter value indicates maximum amount of times a specific password can be reused. This paramater works in tandem with the Password Reuse Time to make the database more secure.

---

Password Verify Function:-

This makes sure any weak cannot be used for an user. Here the value is null but if it was not null then we cannot create an user account with password like 1234. We would have to give a strong password with certain standard.

Password Lock time:

Suppose an user account get locked. The value of this parameter will indicate how much time will that account remain locked.

For example the value is now 1. That means this account will remain locked for 1 day. Then it will get unlocked automatically. Other than that the dba can unlock the account with the command alter user name account unlock. But only the dba can do that. The account will unlock only after 1 day.

Password Grace Time:

After an account's password cross its password life time the database provides the user some extra grace time to change the password. After that the account will get locked. The value of this parameter indicates how much grace time will be provided to the user.

Sessions per user:

This parameter value indicate total how many concurrent session an user can create. For example the value is 2. That means that user can connect to the database, open another terminal and connect to the database again. That it can do at the same time. But if the user try to login in another terminal at the same time then it will not allow to do that. It will only allow 2 sessions at the same time.

Cpu per session:

This parameter value indicates how much time the CPU will give to the user in a single session. For example the value is 4000. That would mean the CPU will give 4 mins approx to the user in a single session. If the user runs a query which will take more than 4 minutes that query will automatically gets killed.

Cpu per call:

This parameter value indicates the same as Cpu per session but instead of doing it in session level ot does that in query level. For example the value is 2000. It means the CPU will allocate a max 2 mins approx for that user per query. If that user runs a query which will take more that 2 mins that query will gets automatically killed.

Logical Reads Per Session:

This parameter value indicates the total number of data blocks which can be read in one session of that user. If the query run by that user need to use more data blocks than the limit mentioned in the parameter value then that query will be killed automatically.

Logical reads per call:

This parameter value indicates the same thing as Logical reads per session but instead of doing that session level ot does in query level. For example the value is 6000. It means that maximum 6000 data block reads are allowed per query by that user. If the user runs any query which exceeds that limit then that query will be automatically killed.

Idle time:

If an user remains idle for sometime that user gets disconnected from the database. This is done to keep resource wastage to a minimum. This parameter value indicates how much time the user can remain idle before getting disconnected from the database.

Connect time:-

After a certain amount of time a session of an user automatically gets disconnected whether the user is idle or not. This parameter value indicates after what amount of time the user will gets disconnected after starting a session, its maximum connection time.

Failed Login attempts:

This parameter value indicates after how many attempts of failed login will the account gets locked. Here the value is 10. Which means after 10 times for failed logins the account will get locked.

Creating a profile:

create profile mgr limit PASSWORD_LIFE_TIME 10 PASSWORD_REUSE_TIME 5 PASSWORD_REUSE_MAX 3 PASSWORD_VERIFY_FUNCTION verify_function_11G PASSWORD_GRACE_TIME 3 IDLE_TIME 5 SESSIONS_PER_USER 1 CONNECT_TIME 60;

The parameters which we have not given any value has been set to default. We can choose to give values to parameters of our choice as per our requirements.

Due to the password verification function verify_function_11G we can't create an user with a weak password.

And due to the session per user limit set to 1 we can't create con current session at all.