Information
The remote_login_passwordfile setting specifies whether or not Oracle checks for a password file during login and how many databases can use the password file. The setting should have a value of NONE or in the event you are running DR/Data Guard, EXCLUSIVE is an allowable value.
Rationale:
The use of this sort of password login file could permit unsecured, privileged connections to the database.
Solution
To remediate this setting, execute the following SQL statement.
ALTER SYSTEM SET REMOTE_LOGIN_PASSWORDFILE = 'NONE' SCOPE = SPFILE;