This section discusses how to:
Set password controls.
Change passwords.
Create email text for forgottenpasswords.
Create hints for forgotten passwords.
Delete hints for forgotten passwords.
Set up the site for forgottenpasswords.
Request new passwords.
Setting Password Controls
Access the Password Controls page (select PeopleTools, then select Security, then select Password Configuration, then select PasswordControls).
- The syntax for changing a password in Oracle is: ALTER USER username IDENTIFIED BY newpassword; Parameters or Arguments username The user whose password you wish to change. Newpassword The new password to assign. Let's look at an example of how to change a password for a user in Oracle.
- Use this SQL.Plus procedure to unlock and reset user account passwords. Log in as the Oracle Database software owner user. Set the ORACLEHOME and ORACLESID environment variables. Start SQL.Plus and log in as the SYS user, connecting as SYSDBA.
Oracle Fusion Applications (FA) uses Oracle Identity Management (IDM) capabilities to implement the “change password” and “forgot password” functions. These functions, in turn, are enabled using capabilities provided by Oracle Access Management (OAM) and Oracle Identity Management (OIM). Re: Reset Password function -K- Jul 30, 2009 6:22 AM ( in response to 700304 ) Just commented on that hours ago: Password expires and no option to change it Mind the forum has a very functional search function. Click “ Home” to go back to PeopleSoft sign on page. Go to your outlook and open the email with subject line “ User ID Password”. Go to PeopleSoft Sign on page and use the password from the email to login.
Image: Password Controls page
This exampleillustrates the fields and controls on the Password Controls page.
You use the Password Controls page to set any passwordrestrictions, such as duration or minimum password length, that youwant to impose on your end users. These options apply when you aremaintaining your user profiles within PeopleSoft applications, notwithin a directory server.
Signon PeopleCode
| Enabled | Select to enable the PeopleSoft password expirationand account lockout fields. The other password controls are not enabledby this box. If you do not want these password controls, forexample, you already have a third-party utility that performs equivalentfeatures, then do not select this check box. Note: If you change the status of the Enabled check box, you must restart theapplication server. You can extend or customize the controls by modifyingthe PeopleCode. |
Password Expiration
| NeverExpires | Select to disable password expiration options forall users. |
| Expiresin | Select to enable password expiration options forall users. You must enter a value between 1 (the default value) and 365 in the Days field to specify the number of days that a password is valid. Userssigning on after a password expires must change their password tosign in. You must select a warning option. |
| WithoutWarning | Select to disable notification of impending passwordexpiration. |
| Warnfor | Select to enable notification of impending passwordexpiration. The value that you enter in the Days field determines when the systembegins notifying users of impending password expiration. |
PeopleSoft delivers a default permission list namedPSWDEXPR (Password Expired). When a user's password expires, the systemautomatically removes all of the user's roles and permission lists,and temporarily assigns them the PSWDEXPR permission list only.
A user whose password has expired can access onlyitems in the PSWDEXPR permission list, which typically grants accessto only the Change Password component (CHANGE_PASSWORD). For the durationof the session, as in until the user changes the password, the useris restricted solely to the PSWDEXPR permission list.
Note: The actual user profile stored in the databaseis not changed in any way when the password expires. You do not needto redefine the profile. When the password is changed, the systemrestores the user profile's previous roles and permission lists.
Account Lockout
| Failed Logons | Enter the maximum number of failed sign in attemptsto allow before the system disables the user profile. For example,if you set the Failed Logons value to 3, and a user fails three sign in attempts, she is automaticallylocked out of the system. Even if she correctly enter a user ID andpassword on the fourth attempt, she is not permitted to sign in. Thisfeature reduces the risk of any intruders using brute force to breakinto your system. After an account is locked out, a system administratormust open the user profile and deselect the Account Locked check box manually. |
Password May Match
| User ID | Select to enable users to use their own user IDas a password. |
| Primary Email | Select to enable users to use the email addressthat is associated with their user profile (as designated by the Primary Email Account check box on theEmail Address page) as a password. |
Note: Clearing these controls helps you prevent hackersfrom guessing passwords based on a list of employee names.
Requirements
Use these fields to specify the number and typesof characters that passwords must include. Passwords can include up to 32 characters.
| Minimum Length | Enter the value that determines the fewest number of characters that a usermust enter when creating his password. If the minimum length is setto 0, then the PeopleSoft password controls do not enforce a minimumlength on the password; however, the password cannot be blank. Whenyou create a new user or a user changes a password, the system checksthis value. If it is not zero, then the system tests the passwordto ensure it meets length requirements and if it does not, an errormessage appears. |
| Specials | Enter the required number of special charactersthat the password must include. The allowable special characters are: |
| Digits | Enter the required number of integers, such as 1or 2, that the password must include. |
| LowerCase | Enter the required number of minuscule letters,such as 'q' or 'i,' that the password must include. |
| UpperCase | Enter the required number of majuscule letters,such as 'Q' or 'I,' that the password must include. |
Leading, intermediate, and trailing white spacesare not supported in PeopleSoft passwords. If you want to includeintermediate white spaces, you must comment out the following USERMAINT.GBL.PSOPRDEFN.SaveEditComponent PeopleCode:
&find = Find(' ', PSOPRDEFN.OPRID); If &find > 0 Then Error MsgGet(48, 14, 'Message not found.'); End-If;
Warning! When these statements are commented out, users caninclude white spaces in passwords. Although you can use the precedingPeopleCode modification as a workaround, it is strongly recommended that you not do so. This modificationcan cause unexpected behaviors that are problematic for batch processes,upgrades, application server configuration files, and two-tier applications,such as PeopleSoft Application Designer, Data Mover, Application Engine.
Password History
| Passwords to Retain | Enter the number of user passwords to retain inthe password history table (PSPSWDHISTORY). If the user attemptsto reuse a password that is stored in the password history table,the application issues an error and prompts the user to enter a differentpassword. When the number of retained passwords for a usersurpasses the number indicated in the Passwordsto Retain field, the system deletes the oldest passwordand then stores the current password as the newest password. |
Note: If the password history table contains values andyou change the Passwords to Retain field value to 0, the systemdeletes the password history for all users.
Purge User Profiles
| Days of Inactivity | Enter the maximum number of days that a user cango without accessing the application, after which the system marksthe profile as inactive. After you set the value and save the page,click the Schedule button toaccess and automate the PURGEOLDUSRS Application Engine program thatperforms the delete process. If you maintain user profiles in a directory server,a row is added to the PSOPRDEFN table for the system to access whilethe user interacts with the system. However, when the user is deletedfrom the directory server, you must manually delete the row in PSOPRDEFNassociated with the deleted user profile. |
Changing Passwords
Access the Change My Password page (from the homepage,click Change My Password). The PeopleSoft system enables users to change their passwordsas needed.
Image: Change Password page
This exampleillustrates the fields and controls on the Change Password page.
To change a PeopleSoft password:
From the homepage, click Change My Password.
On the Change Password page,enter the current password in the CurrentPassword field.
In the New Password field, enter a new password.
Confirm the new password by enteringit again in the Confirm Password field.
Click Change Password.
Creating Email Text for Forgotten Passwords
Before the system emails a new, randomly generatedpassword to a user, you want to make sure they are who they claimto be. The Forgotten Password feature enables you to pose a standardquestion to users requesting a new password to verify the user's authenticity.If the user enters the appropriate response, then the system automaticallyemails a new password.
When a user has forgotten a PeopleSoft password,the system sends the user a new password within an email message.You can have numerous password hints, but typically, you send allnew passwords using the same email message template. Because of this,PeopleSoft provides a separate page just for composing the standardemail text that you use for your template.
Access the Forgot My Password Email Text page (select select PeopleTools, then select Security, then select Password Configuration, then select Forgot My PasswordEmail Text).
Image: Forgot My Password Email Text page
This exampleillustrates the fields and controls on the Forgot My Password EmailText page.
Add the following text string in the Email Text field:
The system inserts the new password here. The %PASSWORD variable resolves to the generatedvalue.
Note: You might instruct the user to change the passwordto something easier to remember after they sign in to the system withthe randomly generated password. Only users who have the Allow Password to be Emailed option enabledon the Permission List - General page can receive a new password usingthis feature.
Creating Hints for Forgotten Passwords
Access the Forgot My Password Hint page (select PeopleTools, then select Security, then select Password Configuration, then select ForgottenPassword Hint).
Image: Forgot My Password Hint page
This exampleillustrates the fields and controls on the Forgot My Password Hintpage.
With these hints set up, users can access the ForgotMy Password page. If the user answers the question correctly, a newpassword is sent through the email system.
To create a forgotten password hint:
Click Add a New Value.
On the Add a New Value page,enter a three-character ID in the PasswordHint ID field.
Click Add.
Select the Active check box.
Enter your question to verifythat the user is who he or she claims to be.
Click Save.
Deleting Hints for Forgotten Passwords
To delete a password hint:
Select select PeopleTools, then select Security, then select UserProfiles, then select Delete Forgotten PasswordHint.
Enter the specific code for thehint or perform a search for it.
On the Delete Forgot My PasswordHint page, select the appropriate hint.
Click Delete.
Setting Up the Site for Forgotten Passwords
PeopleSoft recommends setting up a site specificallydesigned for users who have forgotten their passwords. This site wouldrequire no password to enter, but it would provide access only toforgotten password pages.
To set up a forgotten password site:
Set up a separate PeopleSoftPure Internet Architecture site on your web server.
Set up a direct connection tothe site, such as a link to it.
In the web profile, enable publicaccess and specify a public user ID and password for automatic authentication.
This direct usershould have limited access, for example, only to the Email New Passwordcomponent. Users go directly to it, and a new password is emailed.
Place a link to the forgottenpassword site within the public portion of the PeopleSoft portal oron another public web site.
Notify your user community ofthe link.
Note: The site should have this format: http://webserver/psp/sitename/portalname/localnodename/c/MAINTAIN_SECURITY.EMAIL_PSWD.GBL?
Requesting New Passwords
Before the system can email the user a new password,complete these tasks:
Create a forgotten password hint.
Specify an email address in theuser profile.
Grant permission to have a newpassword emailed. Tarot i numerologija fontana svjetlosti na.
Note: The security administrator must select the Allow Password to be Emailed check boxin at least one of the user's permission lists. If this setting isnot selected, the user is not allowed to receive the new passwordthrough email. If the user is allowed to receive new passwords throughemail, the user can request a new password.
See Setting General Permissions.
To request a new password:
Click the Forgotten Password link on the PeopleSoft signon page(or direct the user to the Forgotten Password link.)
On the Forgot My Password page,enter your user ID.
Click Continue.
On the Email New Password page,verify that the system is set to send the new password to the appropriateemail address.
If the appropriate email addressdoes not appear, contact your system administrator. System administratorsmust make sure that the email address is correctly represented foreach user who intends to use this feature.
Note: Use Application Designer to change any displayproperties of the fields on the EMAIL_PSWD2 page.
Respond to the user validationquestion.
Note: The user must have set up the forgotten passwordhelp.
See Changing Your Password.
Click Email New Password.
Last updated on DECEMBER 03, 2020
Applies to:
Oracle User Management - Version 11.5.10.2 to 12.1.3 [Release 11.5 to 12.1]Oracle Application Object Library - Version 12.2.4 to 12.2.4 [Release 12.2]
Information in this document applies to any platform.Purpose
This FAQ document identifies the most frequently reported how-to questions relating to the Forgot your Password functionality provided by Oracle User Management.
Questions and Answers
To view full details, sign in with your My Oracle Support account. |
Don't have a My Oracle Support account? Click to get started! |
| Purpose |
| Questions and Answers |
| How can users request a password reset? |
| How does the Forgot your Password functionality work? |
| How to implement the Forgot Password Reset Functionality? |
| What is the workflow process that resets the user application password? |
| Conditions For Sending Password Reset Email Notifications |
| How to Add Login Assistance to the Login Homepage? |
| Workflow Information Center, Diagnostics, & Community |
Oracle Peoplesoft Forgot Username
| References |