Re: [security] password safekeep mechanism

From: Pete Finnigan <>
Date: Thu, 04 Jun 2009 20:01:44 +0100
Message-ID: <>

I would add that the retrieval should not allow viewing via the clipboard. Also the software should allow the generation of random passwords so that techniques such as {USER}{SID}{RANDOM} are not used, i.e. if one password is guessed then they all are.



Jared Still wrote:
> On Thu, Jun 4, 2009 at 3:59 AM, Amar Kumar Padhi <>wrote:

>> I want to get a general opinion on how you store or recommend password
>> should be placed and shared. Thanks in advance.

> Some things I would look for:
> * Data should be encrypted
> * Permissions to retrieve password should be grantable on at least a user
> basis.
> Adding a group basis is nice as well.
> * Some sort of data organization that makes sense for you
> (by servers, database vendors, ... - completely configurable is best)
> * An absolute must - there should be a way to retrieve passwords from the
> command line for use in scripts.
> Jared Still
> Certifiable Oracle DBA and Part Time Perl Evangelist

Pete Finnigan
Director Limited

Specialists in database security.

If you need help to audit or secure an Oracle database, please ask for
details of our courses and consulting services

Phone: +44 (0)1904 791188
Fax  : +44 (0)1904 791188
Mob  : +44 (0)7742 114223
site :

Registered Office: 9 Beech Grove, Acomb, York, YO26 5LD, United Kingdom
Company No       : 4664901
VAT No.          : 940 6681 14

Please note that this email communication is intended only for the
addressee and may contain confidential or privileged information. The
contents of this email may be circulated internally within your
organisation only and may not be communicated to third parties without
the prior written permission of Limited.  This email is
not intended nor should it be taken to create any legal relations,
contractual or otherwise.

Received on Thu Jun 04 2009 - 14:01:44 CDT

Original text of this message