CREATE PROFILE Compexite_Pwd_profile 
	LIMIT PASSWORD_LIFE_TIME 30
	LIMIT PASSWORD_REUSE_TIME 180 
	LIMIT PASSWORD_REUSE_MAX 3 ;

ALTER USER scott PROFILE my_profile;

C:\oracle_checkpwd>checkpwd122.exe system/monpwd@hostdvp:1521/ORA10G.DVP.COM default_passwords.txt
Checkpwd 1.22 - (c) 2007 by Red-Database-Security GmbH
Oracle Security Consulting, Security Audits & Security Trainings
http://www.red-database-security.com

initializing Oracle client library
connecting to the database
retrieving users and password hash values
disconnecting from the database
opening weak password list file
reading weak passwords list
checking passwords
Starting 1 threads
JRULES  OK [OPEN]
SNPM    OK [OPEN]
SNPW    OK [OPEN]
MIDOFF  OK [OPEN]
WAREHOUSE has weak password BUSINESS [OPEN]
DISTRIBUTE has weak password HOUSE [OPEN]
MDSTATUS has weak password MDSTATUS [OPEN]
QC      OK [OPEN]
DASHBOARD    OK [OPEN]
SYS_USER      OK [OPEN]
DEPLOYER  OK [OPEN]
TSMSYS  OK [LOCKED]
DBSNMP  OK [OPEN]
EXFSYS  OK [LOCKED]
XDB     OK [LOCKED]
SYSMAN  OK [LOCKED]
MGMT_VIEW       OK [OPEN]
SYS     OK [OPEN]
SYSTEM  OK [OPEN]
OUTLN   OK [LOCKED]

Done. Summary:
  Passwords checked      : 43241
  Weak passwords found   : 3
  Elapsed time (min:sec) : 0:00
  Passwords / second     : 43241

create or replace TRIGGER "SYS"."BLOCK_USER_ACCESS" 
AFTER LOGON ON DATABASE 
DECLARE
  v_prog sys.v_$session.program%TYPE;
  v_dbuser sys.v_$session.username%TYPE;
  v_osuser sys.v_$session.osuser%TYPE;
  v_db sys.v_$database.name%TYPE;

/*
 * Auteur : Fabien Celaia
 * Date   : 7 juillet 2006
 * Desc.  : Empeche l'utilisation de certains logins avec certains applicatifs
 */

BEGIN
  /* Récupération des informations utiles dans v$session */

  SELECT upper(program), upper(username), upper(osuser) 
  INTO   v_prog, v_dbuser, v_osuser
  FROM sys.v_$session
  WHERE  audsid = USERENV('SESSIONID')
    AND  audsid != 0  -- N'impacte pas la connexion SYS
    AND  rownum = 1;  -- Gestion du parallélisme (memes AUDSID)

   SELECT upper(name) 
   INTO   v_db 
   from v$database ;

  /* Utilisation à proscrire */
  IF v_dbuser NOT IN ('SYSTEM', 'SYS', 'STREAM', 'DBSNMP')
     AND coalesce(v_osuser,'SYSTEM') not in ('SYSTEM')
     AND (v_prog ='TOAD.EXE'
       OR v_prog LIKE '%ACCESS.EXE'
       OR v_prog LIKE '%SQIREL%'
       OR v_prog LIKE 'SQLPLUS%'
       OR v_prog LIKE 'SQL DEV%'
       OR v_prog LIKE '%MSQ%.EXE')
  THEN
    RAISE_APPLICATION_ERROR(-20000,  v_osuser ||' n''est pas autorisé à utiliser  '|| v_prog ||' sur l''environnement '||v_db) ;
  END IF;

  EXCEPTION
    WHEN NO_DATA_FOUND THEN NULL;
END;

SQL> connect system/motdepasse 
Connecté

SQL> select password from dba_users where username='MONCOCO'

PASSWORD
-----------------------------
F894765434402B67

SQL> alter user MONCOCO identified by MonPwd

User altered

SQL> connect MONCOCO/MonPwd
Connecté

SQL> connect system/motdepasse
Connecté

SQL> alter user MONCOCO identified by values 'F894765434402B67'

revoke execute on sys.dbms_obfuscation_toolkit from public ;
grant execute on sys.dbms_obfuscation_toolkit to sysman ;
grant execute on sys.dbms_obfuscation_toolkit to dbsnmp ;
grant execute on sys.dbms_obfuscation_toolkit to wksys ;
Grant execute on sys.dbms_obfuscation_toolkit to flows_030000 ;
revoke execute on sys.utl_tcp from public ;
grant execute on sys.utl_tcp  to sysman ;
revoke execute on sys.utl_http from public ;
grant execute on sys. utl_http  to ordplugins ;
revoke execute on sys.utl_smtp from public ;
grant execute on sys.utl_smtp  to sysman ;
revoke execute on sys.utl_file from public ;
grant execute on sys. utl_file  to ordplugins ;
Grant execute on sys.utl_file to mitg_rml ;
Grant execute on sys.utl_file to mitg ;
grant execute on sys. utl_file  to xdb ;
grant execute on sys. utl_file  to sysman ;
grant execute on sys. utl_file  to dmsys ;
revoke execute on sys.dbms_lob from public ;
grant execute on sys.dbms_lob  to xdb ; 
Grant execute on sys.dbms_LOB tu ctxsys ;
Grant execute on sys.dbms_lob to flows_030000 ;
Grant execute on sys.dbms_lob to mitg_rml ;
Grant execute on sys.dbms_lob to mitg ;
grant execute on sys.dbms_lob  to dmsys ;
grant execute on sys.dbms_lob  to exfsys ;
grant execute on sys.dbms_lob  to dba ;
grant execute on sys.dbms_lob  to ctxsys ;
grant execute on sys.dbms_lob  to mdsys ;
grant execute on sys.dbms_lob  to ordsys ;
grant execute on sys.dbms_lob  to wksys ;
grant execute on sys.dbms_lob  to olapsys ;
grant execute on sys.dbms_lob  to ordplugins ;
revoke execute on sys.dbms_job from public ;
grant execute on sys.dbms_job  to dbsnmp ;
grant execute on sys.dbms_job  to wksys ;
grant execute on sys.dbms_job  to exfsys ;
Grant execute on sys.dbms_job to flows_030000 ;
revoke execute on sys.utl_inaddrm from public ;
revoke execute on sys.dbms_export_extension from public ;
grant execute on sys.dbms_export_extension to dba ;
grant execute on sys.dbms_export_extension to system ;
revoke execute on sys.dbms_backup_restore from public ;
revoke execute on sys.dbms_sql  from public ; 
grant execute on sys.dbms_sql  to sysman ;
grant execute on sys.dbms_sql  to system ;
grant execute on sys.dbms_sql  to xdb ;
grant execute on sys.dbms_sql  to exfsys ;
Grant execute on sys.dbms_sql to flows_030000 ;
grant execute on sys.dbms_sql  to dmsys ;
Grant execute on sys.dbms_sql to mitg_rml ;
Grant execute on sys.dbms_sql to mitg ;
grant execute on sys.dbms_sql  to mdsys ;
grant execute on sys.dbms_sql  to olapsys ;
grant execute on sys.dbms_sql to ctxsys ;
grant execute on sys.dbms_sql  to oracle_ocm ;
revoke execute on sys.dbms_ldap  from public ;
revoke execute on sys.dbms_advisor from public ;
Grant execute on sys.dbms_ldap to flows_030000 ;
GRANT EXECUTE ON  SYS.DBMS_LDAP TO sysman ;

grant execute on sys.dbms_export_extension to MonSchema ;

grant all on sys.dbms_obfuscation_toolkit TO PUBLIC ;
grant all on sys.utl_tcp TO PUBLIC ;
grant all on sys.utl_http TO PUBLIC ;
grant all on sys.utl_smtp TO PUBLIC ;
grant all on sys.utl_file TO PUBLIC ;
grant all on sys.dbms_lob TO PUBLIC ;
grant all on sys.dbms_job TO PUBLIC ;
grant all on sys.utl_inaddrm TO PUBLIC ;
grant all on sys.dbms_export_extension TO PUBLIC ;
grant all on sys.dbms_backup_restore TO PUBLIC ;
grant all on sys.dbms_sql  TO PUBLIC ; 
grant all on sys.dbms_ldap  TO PUBLIC ;
grant all on sys.dbms_advisor TO PUBLIC ;