Account Not Locked If 'Current Password' Is Incorrectly Entered 3 Times During 'Force Change Password' When OAM Password Policy Is in Place.
(Doc ID 2043366.1)
Last updated on OCTOBER 24, 2023
Applies to:Oracle Access Manager - Version 126.96.36.199.0 and later
Information in this document applies to any platform.
1] Consider a user who requests the admin team for a password reset.
2] Admin resets the password <VALUE>
3] Login to the application(protected with Oracle Access Manager (OAM)) with <username> and <passssword>
4] Force change password window appears.
5] Enter the current password as (some random valuue
6] Enter in New and confirm password fields a password that meets the password policy
7] Click on 'Change Password'
8] Repeat steps 5 to 7 for 3 times
After 3 invalid attempts the user account must get locked and error message.
User account is not getting locked. User can continue to enter incorrect current password - we tested till 9 attempts.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document