-2

I have an authentication Scheme which is working fine and i would like to add a password complexity to it when users are creating their password.

at the moment this is my code 

FUNCTION my_user_auth
(p_username IN VARCHAR2, p_password IN VARCHAR2) RETURN BOOLEAN
AS
Result NUMBER :=0;
Sts VARCHAR2(30);
BEGIN
SELECT 1, status INTO Result, Sts
FROM tuser
WHERE UPPER(uname)=UPPER(p_username)


AND pwd = p_password;
IF Result =1 THEN

APEX_UTIL.SET_SESSION_STATE('GLOBAL_STATUS_ITEM', Sts);
RETURN TRUE;
ELSE
RETURN FALSE;
END IF;
EXCEPTION
WHEN NO_DATA_FOUND THEN
RETURN FALSE;
END my_user_auth;

but i am lost as to where i can include

  1. uppercase
  2. symbol
  3. number

can you guys assist

user402282
  • 41
  • 7
  • 1
    Forcing the complicated password complexity is a good way to annoy people. What you need first of all is to hash your passwords, and salt them with a randomly generated hash that is stored for each user individually. – TineO Aug 21 '19 at 07:45

1 Answers1

1

Firstly, hash your passwords. Best way to store password in database

Adding password complexity has nothing to do with authentication. Instead, it would be string checks during the change password process. You could probably investigate how APEX enforces their complexity rules.

Scott
  • 4,857
  • 3
  • 22
  • 33
  • well string checks is what i need @scott.. hashing is to much for what i need to do. but i agree that password complexity is a good way to annoy people but this is what management wants – user402282 Aug 21 '19 at 12:33
  • 1
    Hashing passwords is never too much. Never too much for textbooks, or demonstrations. Not too much to protect what people would expect could not be read by any other. – Scott Aug 22 '19 at 01:15