The password must contain at least one of the following i.e. one letter, one digit, one punctuation mark:
A digit: 0123456789
The following checks are performed:
- Check if the password differs from the previous password by at least 3 letters
- Password cannot be the same as the username
- Minimum length of the password is 12
- Check if the password is too simple. A dictionary of words will be maintained and a check may be made so as not to allow the words that are too simple for the password e.g. 'welcome', 'database', 'account', 'user', 'password', 'oracle', 'computer', 'abcd'
The characters you can use should never be put at the beginning or end of the password.
Example if # is the character:
#4password, password4# - (no,no)
pass#4word - (OK)
Password life time = 60 days
Grace period to change = 10 days
If the password is not changed during the grace period, the password expires.
During the grace period, a warning message appears each time users try to log in to their accounts, and continues to appear until the grace period expires. Users must change the password within the grace period. If the password is not changed within the grace period, thereafter users are prompted for a new password each time an attempt is made to access their accounts. Access to an account is denied until a new password is supplied.
Failed logins before locking = 3
Locked for default of 30 days
Reuse of a password is not allowed for 365 days