The trigger below will check to see that user George is only changing his own password and not trying to change other peoples passwords.

create procedure
reset_password (p_username in varchar2,
p_password in varchar2)
as
begin

if (USER=’GEORGE’ and p_username in (‘MARY’,’BILL’,’SUE’))
then
execute immediate
‘alter user ‘ || p_username ||
‘ identified by ‘ || p_password;
else

send_email_to_admin
(‘George is trying to amend ‘ || p_username || ‘ password’);
raise_application_error
(-20001, ‘George, you cannot change other peoples passwords’);
end if;
end;
/
grant execute on reset_password to george;

How to check users are not trying to change other users passwords

Leave a Reply

Your e-mail address will not be published. Required fields are marked *

thirty five − thirty one =