PASSWORD_LIFE_TIME 180 (days)Oracle probably thought that this was smart security, but I wager to bet that most Oracle databases are connected directly application servers and password management is not dictated by this way. The upshot is that many an unsuspecting DBA, having setup a database that is happily supporting a website or a.n.other 3-tier configuration, gets a rude awakening when the application can no longer connect after 6 months! Frankly it would have been better for Oracle to make available a secure profile with the above properties that needs to be explicitly assigned to users.
PASSWORD_GRACE_TIME 7 (days)
PASSWORD_LOCK_TIME 1 (days)
To resolve this issue you can run the following:
ALTER PROFILE DEFAULT LIMIT