Thus far, we've examined user accounts, the types of permission we can assign to them, and the ways in which we can encapsulate permissions into roles. In this section, we'll explore a topic that we saw previously in our section on creating users—database profiles. A profile is a combination of two, somewhat dissimilar, types of user controls. Profiles can be used to enforce user password characteristics as well as control a user's access to certain system resources.
Profiles make use of limits. A limit is a given characteristic of a profile. In order to change a profile, we change its limits. Thus, we can change the password characteristics of a profile by changing its limits. Every user is assigned a profile and will take on the password characteristics of the profile to which they've been assigned. A list of common, password-related profile limits is shown in the following list: