How to Resolve ORA-28007: the password cannot be reused

  • Post category: DBA
  • Post last modified: September 7, 2023

The ORA-28007 error occurs in Oracle Database when a user tries to reuse a password that has already been used. By default, Oracle does not allow a user to reuse a password. Whenever a user tries to set the same password again, Oracle rejects the change for security reasons with the message “ORA-28007: the password cannot be reused”.

Error Message

ORA-28007: the password cannot be reused

Cause

A developer or DBA attempted to change a database user’s password to one that was used previously, and Oracle returned the error message “ORA-28007”.

SQL> Alter user testDB identified by password;
ERROR:
ORA-28007: the password cannot be reused

Action:

Oracle assigns each user a profile that defines the number of password changes that must occur before a password can be reused. The profile parameter that sets this limit is PASSWORD_REUSE_MAX. You can display its current value from the DBA_PROFILES dictionary view.

Resolution Steps

To resolve the ORA-28007 error, you can follow these steps:

Step 1:

Connect to the Oracle Database as a user with administrative privileges, such as SYSDBA or a user with the ALTER USER privilege.

$ sqlplus system/password
SQL*Plus: Release 19.0.0.0.0 – Production on Wed Jul 12 12:41:48 2023
Version 19.3.0.0.0
Copyright (c) 1982, 2019, Oracle. All rights reserved.
Last Successful login time: Tue Jul 11 2023 12:14:50 +05:00
Connected to:
Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 – Production
Version 19.3.0.0.0
SQL>

Step 2:

Identify the current password reuse limits (reuse time and number of changes) in the profile that manages the user’s password history.

-- DBA_USERS stores unquoted usernames in uppercase, so match on 'TESTDB'
SQL> select resource_name, limit from dba_profiles where resource_name in ('PASSWORD_REUSE_TIME', 'PASSWORD_REUSE_MAX') and profile = (select profile from dba_users where username = 'TESTDB');


Step 3:

By default, you should follow the Oracle password policy and avoid reusing old passwords. If you try to reuse an old password, you will get the ORA-28007 error message. To eliminate this error message permanently, set PASSWORD_REUSE_TIME and PASSWORD_REUSE_MAX to unlimited in the DEFAULT profile. This change applies to every user assigned to the DEFAULT profile.

SQL> alter profile default limit password_reuse_time unlimited password_reuse_max unlimited;

Conclusion

Bypassing the password policy may be against your organization’s security policies. In general, I recommend enforcing the password policy and encouraging users to choose unique, strong passwords for improved security. Follow the necessary security practices and consult your database administrator if your organization has specific security guidelines to adhere to.
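
The following SQL is an added example, not part of the original post. It shows how to check which accounts a change to the DEFAULT profile affects, how to list the effective reuse limits of every profile, and how to put finite reuse limits back on DEFAULT afterwards. The values 365 and 10 are assumptions chosen for illustration.

```sql
-- Added example; the limits 365 (days) and 10 (changes) are illustrative
-- assumptions, not values from the original post.

-- 1. Accounts affected by any change to the DEFAULT profile.
SELECT username, account_status
FROM   dba_users
WHERE  profile = 'DEFAULT'
ORDER  BY username;

-- 2. Effective reuse limits for every profile. In a non-default profile,
--    a LIMIT of 'DEFAULT' means the value is inherited from the DEFAULT
--    profile, so resolve it through a self-join.
SELECT p.profile,
       p.resource_name,
       CASE WHEN p.limit = 'DEFAULT' THEN d.limit ELSE p.limit END
         AS effective_limit
FROM   dba_profiles p
JOIN   dba_profiles d
       ON  d.profile       = 'DEFAULT'
       AND d.resource_name = p.resource_name
WHERE  p.resource_name IN ('PASSWORD_REUSE_TIME', 'PASSWORD_REUSE_MAX')
ORDER  BY p.profile, p.resource_name;

-- 3. Re-enable password history on DEFAULT once the one-off password
--    change is done. Set both parameters to integers: if one is an
--    integer and the other is UNLIMITED, a password can never be reused;
--    if both are UNLIMITED, Oracle ignores both and allows reuse at once.
ALTER PROFILE default LIMIT
  PASSWORD_REUSE_TIME 365
  PASSWORD_REUSE_MAX  10;

-- 4. Confirm the new limits on the DEFAULT profile.
SELECT resource_name, limit
FROM   dba_profiles
WHERE  profile = 'DEFAULT'
AND    resource_name IN ('PASSWORD_REUSE_TIME', 'PASSWORD_REUSE_MAX');
```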
