Prevent ORA-28000

Question

I am using Oracle SQL Developer and I run into the ORA-28000 error and my account got blocked, but I resolved it from SQL plus by using the following commands:

SQL> alter user user1 account unlock; 
SQL> grant connect, resource to user1;

The thing is that I want to prevent this from happening again. Where can I see the threshold of the failed login attempts that exists so that I would either raise it or delete it completely?

Answer 1

In the sql developer, menu in the Users option, you can edit the user and edit the amount of attempts, if the password expires, etc. However I can only log in with the system user, sys could not connect.

Answer 2

FAILED_LOGIN_ATTEMPTS and similar are properties of the profile associated with your user. You can check the settings with this query:

select u.profile
       , p.resource_name
       , p.limit
from dba_users u
     join dba_profiles p
     on u.profile = p.profile
where p.resource_type = 'PASSWORD';

These limits are set for the profile: you can change them but the new limits will cascade to all users with this profile:

alter profile whatever limit FAILED_LOGIN_ATTEMPTS 12;

Alternatively you can modify the user so it has a more forgiving profile:

alter user joesoap profile default;