2 Replies Latest reply on Nov 19, 2012 11:59 PM by Serviceguy-Oracle

    Cloud User Password Policies

      I am aware of the password policies listed in the documentation area.
      This is fine for the management of changing passwords or recovering ones you've lost (challenge questions), but have a question on the ability to set Password Aging Policies. Is it possible to set a Password aging policy as a user of the cloud service? I want to force the Passwords to expire every 45 days.

        • 1. Re: Cloud User Password Policies
          Hi ServiceGuy -

          You do not have the ability to change the password expiration policies with the Cloud Identity Management authentication, which you must use to define service administrators and developers. You can use that solution or internal Application Express authentication for application users. I'm checking about whether you can set a password expiration for users defined in Application Express in the Database Cloud.

          Of course, you can manually reset passwords, but this would be a workaround.

          Hope this helps.

          - Rick Greenwald
          • 2. Re: Cloud User Password Policies
            Hi Rick -
            Thanks for your response.
            In researching this further I concur with your assessment that within the cloud service - there is not currently a password aging policy that can be changed by the end user.

            There is however an alternate way to arrive at the same result as password aging within the Cloud Service.
            That is - deploy the Single Sign On Solution for Fusion Applications within the cloud - and that provides identity federation capabilities.
            The OnPremise Identity Management solution can be configured to age the passwords and then when it's expiration date arrives - and the user updates the password within the on premise LDAP, the change will also be affected in the cloud service.
            Viola! we have the ability to ensure that passwords are changed within 'x' period of time.

            It is not a direct solution - but is one that ensures the intent of password aging is enforced.

            Thanks again for your response.

            Edited by: ServiceGuy on Nov 19, 2012 3:59 PM