oracle修改用户密码的方法「建议收藏」

修改oracle用户的密码有以下方法：

普通用户  

(1)通过alter user语法来进行修改 ，这也是最常见的方式：

(2) 第二种方式，是通过password命令来修改:

从安全性角度来说 ，推荐大家通过第二种方式来修改用户密码，这样可防止明文密码泄露。

sys用户

另外关于sys用户密码，不要使用password以及alter user 方式去修改，原因主要如下：

(1) 当REMOTE_LOGIN_PASSWORDFILE参数设置为shared时，我们使用alter user 修改sys密码时，会报

ORA-28046: Password change for SYS disallowed error.

测试如下：

(2) 大多数内部递归SQL都使用SYS用户。因此，如果您试图在数据库打开时使用ALTER USER语句更改此密码，则可能会导致死锁。

因此，对于sys用户我们需要使用orapwd来进行修改：

[oracle@orcl dbs]$ orapwd file=’orapworcl’ entries=5 force=y       这里注意等号左右不能有空格；

关于orapwd说明引用官网，如下：

FILE

This argument sets the name of the password file being created. You must specify the full path name for the file. This argument is mandatory.

The file name required for the password file is operating system specific. Some operating systems require the password file to adhere to a specific format and be located in a specific directory. Other operating systems allow the use of environment variables to specify the name and location of the password file.

Table 1-1  lists the required name and location for the password file on the UNIX, Linux, and Windows platforms. For other platforms, consult your platform-specific documentation.

Table 1-1 Required Password File Name and Location on UNIX, Linux, and Windows

Platform	Required Name	Required Location)
UNIX and Linux	orapw ORACLE_SID	ORACLE_HOME /dbs
Windows	PWD ORACLE_SID .ora	ORACLE_HOME \database

For example, for a database instance with the SID  orcldw , the password file must be named  orapworcldw  on Linux and  PWDorcldw.ora  on Windows.

In an Oracle Real Application Clusters environment on a platform that requires an environment variable to be set to the path of the password file, the environment variable for each instance must point to the same password file.

Caution:

It is critically important to the security of your system that you protect your password file and the environment variables that identify the location of the password file. Any user with access to these could potentially compromise the security of the connection.

ENTRIES

This argument specifies the number of entries that you require the password file to accept. This number corresponds to the number of distinct users allowed to connect to the database as  SYSDBA  or  SYSOPER . The actual number of allowable entries can be higher than the number of users, because the  ORAPWD  utility continues to assign password entries until an operating system block is filled. For example, if your operating system block size is 512 bytes, it holds four password entries. The number of password entries allocated is always a multiple of four.

Entries can be reused as users are added to and removed from the password file. If you intend to specify  REMOTE_LOGIN_PASSWORDFILE=EXCLUSIVE , and to allow the granting of  SYSDBA  and  SYSOPER  privileges to users, this argument is required.

Caution:

When you exceed the allocated number of password entries, you must create a new password file. To avoid this necessity, allocate more entries than you think you will ever need.

FORCE

This argument, if set to  Y , enables you to overwrite an existing password file. An error is returned if a password file of the same name already exists and this argument is omitted or set to  N .

IGNORECASE

If this argument is set to  y , passwords are case-insensitive. That is, case is ignored when comparing the password that the user supplies during login with the password in the password file.

来自 “ ITPUB博客 ” ，链接：http://blog.itpub.net/69902769/viewspace-2646974/，如需转载，请注明出处，否则将追究法律责任。