Skip to content

How to Resolve ORA-28007: the password cannot be reused

  • by

ORA-28007

Some user tried to change its own password, but it failed with ORA-28007.

SQL> password
Changing password for HR
Old password:
New password:
Retype new password:
ERROR:
ORA-28007: the password cannot be reused


Password unchanged

ORA-28007 means that either PASSWORD_REUSE_TIME or PASSWORD_REUSE_MAX in profile is violated, so you cannot reuse the password to change it.

Let's see current limits of reusing password in profile.

SQL> column resource_name format a30;
SQL> column limit format a30;
SQL> select resource_name, limit from dba_profiles where resource_name in ('PASSWORD_REUSE_TIME', 'PASSWORD_REUSE_MAX') and profile = (select profile from dba_users where username = 'HR');

RESOURCE_NAME                  LIMIT
------------------------------ ------------------------------
PASSWORD_REUSE_TIME            30
PASSWORD_REUSE_MAX             3

The above result shows that the current limits of reusing password applied on the user HR. Let's see their meanings:

  • PASSWORD_REUSE_TIME
  • The number of days passed before reusing the old password. In this case, it's 30 days.

  • PASSWORD_REUSE_MAX
  • The number of password changes before reusing the old password. In this case, it's 3 times.

Solution

Theoretically, we should follow the password policy and don't use the old password too quick and too often. Choosing a whole new password to change is a better way to solve ORA-28007.

However, if you really need to reuse the old password, you should remove the limitations first. Suppose the profile is DEFAULT.

SQL> alter profile default limit password_reuse_time unlimited password_reuse_max unlimited;

Profile altered.

We use UNLIMITED to open the restrictions.

Leave a Reply

Your email address will not be published. Required fields are marked *