Several password attributes are durations expressed in days. These durations are normally set with integer values, such as 30, 90, or 365 days. But decimal values are supported as well. You can set the password timeout to 5 minutes (5/1,440 days) or 5 seconds (5/86,400 days). Using a fractional number of days is a great way to try out combinations of values and observe the results of setting these password rules.
The PASSWORD_VERIFY_FUNCTION parameter lets you codify additional rules that will be verified when a password is changed. These rules usually verify password complexity such as minimal password length or check that a password does not appear in a dictionary. The PASSWORD_VERIFY_FUNCTION must be created under the user SYS and must have three pass parameters of type VARCHAR2. These pass parameters must contain the username in the first parameter, the new password in the second, and the old password in the third. You can set this parameter in a CREATE PROFILE or ALTER PROFILE statement like this:
-use a custom password function
CREATE PROFILE agent LIMIT PASSWORD_VERIFY_FUNCTION my_function;
-disable use of a custom function
ALTER PROFILE student LIMIT PASSWORD_VERIFY_FUNCTION DEFAULT;