Oracle Password Constraints

Introduction

Oracle passwords have a lot of subtle constraints. If you set a password that violates these constraints, you won't be able to login to your Oracle instance.

Oracle Password Constraints

An Oracle password has the following rules:

  1. Passwords must be from 1 to 30 characters long.
  2. Passwords cannot contain quotation marks.
  3. Passwords are not case sensitive. (However, Oracle DB Server 11g now allows for case sensitive passwords)
  4. A Password must begin with an alphabetic character.
  5. Passwords can contain only alphanumeric characters and the underscore (_), dollar sign ($), and pound sign (#). Oracle strongly discourages you from using $ and #.
  6. A Password cannot be an Oracle reserved word (eg: SELECT).

Notes

  1. In February 2012, a CSE student put a forward slash (/) in his password. The forward slash prevented Oracle from parsing the password correctly, earning the student this error message:
    
    SP2-0306: Invalid option.
    >>> Usage: CONN[ECT] [logon] [AS {SYSDBA|SYSOPER|SYSASM}]
    >>> where    ::=[/][@]
    >>> [edition=value] | /
    
    

References

  1. http://wings.buffalo.edu/computing/documentation/unix/oracle.html