oracle修改用戶密碼的方法

修改oracle用戶的密碼有以下方法：

普通用戶  

(1)通過alter user語法來進行修改 ，這也是最常見的方式：

(2) 第二種方式，是通過password命令來修改:

從安全性角度來說 ，推薦大家通過第二種方式來修改用戶密碼，這樣可防止明文密碼泄露。

sys用戶

另外關于sys用戶密碼，不要使用password以及alter user 方式去修改，原因主要如下：

(1) 當REMOTE_LOGIN_PASSWORDFILE參數設置為shared時，我們使用alter user 修改sys密碼時，會報

ORA-28046: Password change for SYS disallowed error.

測試如下：

(2) 大多數內部遞歸SQL都使用SYS用戶。因此，如果您試圖在數據庫打開時使用ALTER USER語句更改此密碼，則可能會導致死鎖。

因此，對于sys用戶我們需要使用orapwd來進行修改：

[oracle@orcl dbs]$ orapwd file='orapworcl' entries=5 force=y       這里注意等號左右不能有空格；

關于orapwd說明引用官網，如下：

FILE

This argument sets the name of the password file being created. You must specify the full path name for the file. This argument is mandatory.

The file name required for the password file is operating system specific. Some operating systems require the password file to adhere to a specific format and be located in a specific directory. Other operating systems allow the use of environment variables to specify the name and location of the password file.

Table 1-1  lists the required name and location for the password file on the UNIX, Linux, and Windows platforms. For other platforms, consult your platform-specific documentation.

Table 1-1 Required Password File Name and Location on UNIX, Linux, and Windows

Platform	Required Name	Required Location)
UNIX and Linux	orapw ORACLE_SID	ORACLE_HOME /dbs
Windows	PWD ORACLE_SID .ora	ORACLE_HOME \database

For example, for a database instance with the SID  orcldw , the password file must be named  orapworcldw  on Linux and  PWDorcldw.ora  on Windows.

In an Oracle Real Application Clusters environment on a platform that requires an environment variable to be set to the path of the password file, the environment variable for each instance must point to the same password file.

Caution:

It is critically important to the security of your system that you protect your password file and the environment variables that identify the location of the password file. Any user with access to these could potentially compromise the security of the connection.

ENTRIES

This argument specifies the number of entries that you require the password file to accept. This number corresponds to the number of distinct users allowed to connect to the database as  SYSDBA  or  SYSOPER . The actual number of allowable entries can be higher than the number of users, because the  ORAPWD  utility continues to assign password entries until an operating system block is filled. For example, if your operating system block size is 512 bytes, it holds four password entries. The number of password entries allocated is always a multiple of four.

Entries can be reused as users are added to and removed from the password file. If you intend to specify  REMOTE_LOGIN_PASSWORDFILE=EXCLUSIVE , and to allow the granting of  SYSDBA  and  SYSOPER  privileges to users, this argument is required.

Caution:

When you exceed the allocated number of password entries, you must create a new password file. To avoid this necessity, allocate more entries than you think you will ever need.

FORCE

This argument, if set to  Y , enables you to overwrite an existing password file. An error is returned if a password file of the same name already exists and this argument is omitted or set to  N .

IGNORECASE

If this argument is set to  y , passwords are case-insensitive. That is, case is ignored when comparing the password that the user supplies during login with the password in the password file.