This Toad 11 beta new feature made me so happy !
Not only you can specify a color for your connection (ex: red=prod, green=devl), and this color is much more visible than it was in previous version of TOAD, but now you can set your connection to be read-only.
For any reason, bored, ill, under pressure, tired, you may screw up your database one of those days.
I feel so good that I can now setup my prod connection to be read-only. It is REALLY cool.
Setting the connection read-only is a TOAD feature. As it is in beta it may not be 100% bullet-proof. Mostly it allows you to do only SELECT in the editor, even if you are logged in as SYSTEM or SYS.
Anything comparable in SQL Developer?
I wrote about the new defaults in 10gR2 more than 5 years ago
FAILED_LOGIN_ATTEMPTS default to 10 in 10gR2
This new DEFAULT increases the security by preventing the users from trying millions of different passwords. However the locking of application users is noticeably decreasing the database availability 🙁
My recommendation :
– create a separate profile for the application users with high availabilty requirement with a default of 1000
– add 2 characters to the password of those accounts
SQL> create user u identified by a4sec2pw;
SQL> grant create session to u;
“U” is a critical user in your application where account locking would mean downtime !
Let’s try to make the schema 10 times more secure and 100 times more available :
SQL> create profile failed1000 limit failed_login_attempts 1000;
SQL> alter user u identified by a4sec2pwx1 profile failed1000;