Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

The create_verify_function procedure

Focus mode
The create_verify_function procedure - Amazon Relational Database Service

You can create a custom function to verify passwords by using the Amazon RDS procedure rdsadmin.rdsadmin_password_verify.create_verify_function. The create_verify_function procedure is supported for all versions of RDS for Oracle.

The create_verify_function procedure has the following parameters.

Parameter name Data type Default Required Description

p_verify_function_name

varchar2

Yes

The name for your custom function. This function is created for you in the SYS schema. You assign this function to user profiles.

p_min_length

number

8

No

The minimum number of characters required.

p_max_length

number

256

No

The maximum number of characters allowed.

p_min_letters

number

1

No

The minimum number of letters required.

p_min_uppercase

number

0

No

The minimum number of uppercase letters required.

p_min_lowercase

number

0

No

The minimum number of lowercase letters required.

p_min_digits

number

1

No

The minimum number of digits required.

p_min_special

number

0

No

The minimum number of special characters required.

p_min_different_chars

number

3

No

The minimum number of different characters required between the old and new password.

p_disallow_username

boolean

true

No

Set to true to disallow the user name in the password.

p_disallow_reverse

boolean

true

No

Set to true to disallow the reverse of the user name in the password.

p_disallow_db_name

boolean

true

No

Set to true to disallow the database or server name in the password.

p_disallow_simple_strings

boolean

true

No

Set to true to disallow simple strings as the password.

p_disallow_whitespace

boolean

false

No

Set to true to disallow white space characters in the password.

p_disallow_at_sign

boolean

false

No

Set to true to disallow the @ character in the password.

You can create multiple password verification functions.

There are restrictions on the name of your custom function. Your custom function can't have the same name as an existing system object. The name can be no more than 30 characters long. Also, the name must include one of the following strings: PASSWORD, VERIFY, COMPLEXITY, ENFORCE, or STRENGTH.

The following example creates a function named CUSTOM_PASSWORD_FUNCTION. The function requires that a password has at least 12 characters, 2 uppercase characters, 1 digit, and 1 special character, and that the password disallows the @ character.

begin rdsadmin.rdsadmin_password_verify.create_verify_function( p_verify_function_name => 'CUSTOM_PASSWORD_FUNCTION', p_min_length => 12, p_min_uppercase => 2, p_min_digits => 1, p_min_special => 1, p_disallow_at_sign => true); end; /

To see the text of your verification function, query DBA_SOURCE. The following example gets the text of a custom password function named CUSTOM_PASSWORD_FUNCTION.

COL TEXT FORMAT a150 SELECT TEXT FROM DBA_SOURCE WHERE OWNER = 'SYS' AND NAME = 'CUSTOM_PASSWORD_FUNCTION' ORDER BY LINE;

To associate your verification function with a user profile, use alter profile. The following example associates a verification function with the DEFAULT user profile.

ALTER PROFILE DEFAULT LIMIT PASSWORD_VERIFY_FUNCTION CUSTOM_PASSWORD_FUNCTION;

To see what user profiles are associated with what verification functions, query DBA_PROFILES. The following example gets the profiles that are associated with the custom verification function named CUSTOM_PASSWORD_FUNCTION.

SELECT * FROM DBA_PROFILES WHERE RESOURCE_NAME = 'PASSWORD' AND LIMIT = 'CUSTOM_PASSWORD_FUNCTION'; PROFILE RESOURCE_NAME RESOURCE LIMIT ------------------------- -------------------------------- -------- ------------------------ DEFAULT PASSWORD_VERIFY_FUNCTION PASSWORD CUSTOM_PASSWORD_FUNCTION

The following example gets all profiles and the password verification functions that they are associated with.

SELECT * FROM DBA_PROFILES WHERE RESOURCE_NAME = 'PASSWORD_VERIFY_FUNCTION'; PROFILE RESOURCE_NAME RESOURCE LIMIT ------------------------- -------------------------------- -------- ------------------------ DEFAULT PASSWORD_VERIFY_FUNCTION PASSWORD CUSTOM_PASSWORD_FUNCTION RDSADMIN PASSWORD_VERIFY_FUNCTION PASSWORD NULL
PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.