---
title: Identity domain database passwords should be rotated every 90 days or less
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > Identity domain database passwords
  should be rotated every 90 days or less
---

# Identity domain database passwords should be rotated every 90 days or less
 
## Description{% #description %}

Oracle Cloud identity domain database passwords should be rotated at least every 90 days to reduce the risk of unauthorized access from compromised credentials. Regular rotation of database passwords is a security best practice that limits the window of opportunity for attackers to exploit compromised credentials.

**Note**: Identity domain users that are in an inactive state are not assessed.

## Remediation{% #remediation %}

Rotate database passwords that are older than 90 days by creating new database credentials and deleting the old ones. For guidance on managing database passwords, refer to the [Working with IAM Database User Names and Passwords](https://docs.oracle.com/iaas/Content/Identity/access/working_with_iam_database_user_names_and_passwords.htm) section in the Oracle Cloud Infrastructure Documentation.