Call: +44 (0)7759 277220 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Nice example of the new password store in 10g R2"] [Next entry: "More details on default failed_login_attempts"]

More security help in 10g R2

I saw a post on Laurent Schneider's blog titled "FAILED_LOGIN_ATTEMPTS default to 10 in 10gR2" and went or a look because of the security connotation. I have not got a 10gR2 database here to try this out but it seems like a move in the right direction. This implies that the default profile now has values set, i need to check. The value of 10 though I would not agree though. It needs to be lower, at least 5 or maybe lower.