From 18c onwards, now you can create schema without a password. These are called “Schema Only Accounts”. These account don’t allow direct connections but can proxy in a single session proxy. This new feature can allow administrators to further secure their databases by not allowing direct connections to application schemas for any reason. There are few points to note:
- Schema only accounts can be used for both administrator and non-administrator accounts.
- You can grant system privileges ( create ant table) and admin roles (like DBA) to schema only accounts. But note that administrative privileges like sysdba/sysoper/sysasm can’t be granted to schema only accounts.
- Schema only accounts can’t connect through db links.
- Schema only accounts can be created for database instance only. Same is not valid for ASM environment.