Sure there's an easy way to do this. My minds gone blank.
Want to allow users 3 attempts to access the database then audit the failure and lock their account.
I was going to use a password profile for the 3 attempts and lock part but how to log it? Will a failed log in be written to SYS.AUD$
Hang on answering my own question here...USER_AUDIT_SESSION?
Anyone implemented this?
07-16-2004, 08:07 AM
The first time somebody gets locked out, the're going to tell you they only failed to login twice.
I'd approach this as two problems. The first problem is auditing failures. I would audit every failure using Oracle built in auditing features. A record will get thrown to sys.aud$ when a failure occurs.
Second, I would lock their account after the third failed attempt.