Resolving OPW-00029 Error: Bypassing Password Complexity in Oracle

by | Jun 20, 2024 | Blog, Database, Oracle | 0 comments

Resolving OPW-00029 Error- Bypassing Password Complexity in Oracle

ORAPWD OPW-00029: Password complexity failed for SYS user

Encountering the OPW-00029 error due to password complexity for the SYS user in Oracle 12c and above can be problematic. This guide details how to bypass the stringent password requirements by using the ‘format=12’ flag, allowing you to set simpler passwords. Follow these instructions to manage password complexities and streamline your database cloning process.

As part of the post RMAN duplicate database process to clone a new database, you should immediately change the db name and dbid.

Once the new database name is successfully changed, you should shut down the database. The next step is to regenerate a new password file for the cloned database.

You may encounter a new error in version 12c and up. In this version and newer, Oracle imposes more complex password restrictions.

[dbs]$ orapwd file=orapwtestgg password=welcome1 force=y

OPW-00029: Password complexity failed for SYS user: Password must contain at least one unique character.

If, for whatever reason, you need to create the password as you type it (less complex), you can circumvent this new security measure by adding the following keyword on the command line: ‘format=12’. This allows you to bypass the stringent password restrictions.

The following criteria are now required for passwords in version 12.2 and above:

Length: Passwords must be at least eight characters long.

Special Characters: At least one special character (for example, !, @, #, $, %, ^, &, *, etc.)

Mix of Characters: Passwords must contain characters from at least three of the following four categories:

  • Uppercase letters (A-Z)
  • Lowercase letters (a-z)
  • Numerals (0-9)
  • Special characters (for example, !, @, #, $, %, ^, &, *, etc.)

Dictionary Checks: Passwords cannot be common words or simple combinations. Oracle has a built-in dictionary of common passwords that it checks against.

History: Typically, Oracle will remember a certain number of previous passwords, and you cannot reuse them immediately.

In our case, we want to bypass the complexity requirement and, therefore, will use the flag ‘format=12’:

[dbs]$ orapwd file=orapwtestgg password=welcome1 force=y format=12

-rw-r-----. 1 oracle oinstall 2048 Feb 29 15:43 orapwtestgg

For more information or any questions, please contact us.

Submit a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share This