How to create a password file using ORAPWD Utility in oracle: In this post we will discuss about how to create a password file using ORAPWD Utility in oracle.
What is password file in ORACLE ?
The password file stores a list of usernames and passwords that are allowed to remotely authenticate as SYSDBA over the network. Oracle must use this file to authenticate them, not the normal list of passwords stored in the database. And for this authentication to use password file, the value of REMOTE_LOGIN_PASSWORDFILE should be EXCLUSIVE or SHARED.
orapwd tool is used to create and manage password files.
In the past, many people were not aware of the simple fact that Oracle passwords were not case-sensitive. In Oracle 11g, passwords became case-sensitive. The Oracle 11g password file can store passwords as case-sensitive or case-insensitive.
The password file creation utility evaluates the new parameter ignorecase to allow case-sensitive passwords or restrict passwords to case insensitivity. In order to create a password file with orapwd, which allows case-sensitive passwords, set ignorecase to N.
Password File Location:
DEFAULT LOCATION FOR PWD FILE = $ORACLE_HOME/dbs
orapwd Syntax :
[oracle@oracle19c ~]$ orapwd help=y
Usage: orapwd file=<fname> password=<password> entries=<users> force=<y/n> ignorecase=<y/n> nosysdba=<y/n>
Where:
file - name of password file (required),
password - password for SYS (optional),
entries - maximum number of distinct DBA (required),
force - whether to overwrite existing file (optional),
ignorecase - passwords are case-insensitive (optional),
nosysdba - whether to shut out the SYSDBA logon (optional Database Vault only).
There must be no spaces around the equal-to (=) character.
Create a password file:
Create a password file for standalone database .
cd $ORACLE_HOME/dbs
orapwd file=orapwORCL password=oracle force=y
Create a password file in ASM diskgroup:
orapwd file='+DATA/orapwORCL' ENTRIES=10 DBUNIQUENAME='ORCL'
Create password file from asmcmd tool:(Oracle 12c onwards)
ASMCMD> pwcreate --dbuniquename ORCL +DATA/PWDFILE/pwdORCL oracle
Below are the criteria for password file:
Below are the criteria for password file in oracle 12.2
The password contains no fewer than 8 characters and includes at least one numeric and one alphabetic character.
The password is not the same as the user name or the user name reversed.
The password is not the same as the database name.
The password does not contain the word oracle (such as oracle123).
The password differs from the previous password by at least 8 characters.
The password contains at least 1 special character.
Not following the criteria will throw error as below
orapwd file=orapwORCL password=oracle
OPW-00029: Password complexity failed for SYS user : Password must contain at least 8 characters.
But we can bypass this password verification, by using format=12 as below:
orapwd file=orapw$ORACLE_SID password=oracle format=12