The password file stores a list of usernames and passwords that are allowed to remotely authenticate as SYSDBA over the network.
Oracle must use this file to authenticate them, not the normal list of passwords stored in the database.

And for this authentication to use password file, the value of REMOTE_LOGIN_PASSWORDFILE should be EXCLUSIVE or SHARED.

orapwd tool is used to create and manage password files.

DEFAULT LOCATION FOR PWD FILE – $ORACLE_HOME/dbs

orapwd syntax:

Create a password file for standalone database .

cd $ORACLE_HOME/dbs

Create a password file in ASM diskgroup:

Create password file from asmcmd tool:(Oracle 12c onwards)

We can view users authenticated through password file in v$pwfile_users table

password Changes in oracle 12.2

From oracle 12.2 , complex password verification method is deployed.

Below are the criteria for password file in oracle 12.2

  • The password contains no fewer than 8 characters and includes at least one numeric and one alphabetic character.
  • The password is not the same as the user name or the user name reversed.
  • The password is not the same as the database name.
  • The password does not contain the word oracle (such as oracle123).
  • The password differs from the previous password by at least 8 characters.
  • The password contains at least 1 special character.

Not following the criteria will throw error as below

But we can bypass this password verification, by using format=12 as below: