Oracle FAQ Your Portal to the Oracle Knowledge Grid

Home -> Community -> Mailing Lists -> Oracle-L -> changing passwords - Boneheads at MetaStink

changing passwords - Boneheads at MetaStink

From: Rodd Holman <>
Date: Fri, 16 Mar 2001 13:44:27 -0800
Message-ID: <>

Please forgive the length of this, but you had to see it for real. The question at stake here is... Are there any specific instructions or gotcha's when changing the passwords for the below listed default users. Particularly are there any shell scripts, etc that need changing if you change these package passwords. Yvonne (the dba who posted this to Metalink) Has been working with Oracle for a couple of years and is fully capable of alter user .... commands.

... <chopped to reduce size>
  ### Detailed Problem Statement: ###
  I have recently installed 8.1.7. I need to change the followingpasswords:
  Is there anything special about changing these passwords? or just the alter user?

.. <chopped to reduce size>

Metalink's boneheaded response. They obviously didn't read the question.

  15-MAR-01 21:48:11 GMT   Changing a User's Authentication Mechanism

  Most non-DBA users can still change their own passwords with the ALTER USER statement, as follows:

  IDENTIFIED BY swordfish;

  Users can change their own passwords this way, without any special privileges (other than those to connect to the database). Users should be encouraged to change their passwords frequently.

  Users must have the ALTER USER privilege to switch between Oracle database authentication or a form of external authentication. Usually, only DBAs should have this privilege.

  SQL > connect ctxsys/ctxsys
  SQL > alter user ctxsys identified by maryland;   User altered.



DBA's frustrated but polite response to bonehead at Metalink

  16-MAR-01 15:13:11 GMT   New info : Wayne:
  I am asking if there is anything special about changing these passwords. For instance, changing the dbsnmp password has three pages ofinstructions. I cannot find anything specific on the users mentioned. I want to make sure they are just plain old ordinary database users.   Thanks,Yvonne


Bonehead at Metalink still obviously not bothering to research this response. DBA obviously knows keeping the default password is a security breach. That's why she asked the question in the first place.

  16-MAR-01 17:17:11 GMT   we are not aware of any problems when changing these passwords... it would be a security problem naturally if you kept all of your default passwords


Rodd Holman
Oracle DBA
(605) 988-1373
Comments made are my own opinions and views. They do not represent views, 
policies, or procedures of LodgeNet Entertainment Corporation

Please see the official ORACLE-L FAQ:
Author: Rodd Holman

Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051
San Diego, California        -- Public Internet access / Mailing Lists
To REMOVE yourself from this mailing list, send an E-Mail message
to: (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).
Received on Fri Mar 16 2001 - 15:44:27 CST

Original text of this message