To apply a policy for login security to a user, define the policy as a profile and assign the profile to the user. The contents of the profile are saved as database objects.
The items that can be set for a profile are described below.
You can automatically lock users who have not been connected to the database for a long time.
This setting is for users with the LOGIN attribute.
You can set the following policies for users who use password authentication (password, md5, scram-sha-256).
Set a password life time
Restrict password reuse
Lock accounts that have failed to login continuously
Allow passwords to be set in encrypted form
Set the gradual password rollover time
Gradual password rollover is when you change a password and then keep the old password in effect for a while.
This setting specifies the valid period.
This is useful, for example, if it is difficult to make a new password available system-wide instantly.
