Re: Password case sensitivity 11g to 12c

From: Chris Taylor <christopherdtaylor1994_at_gmail.com>
Date: Wed, 14 Nov 2018 17:32:08 -0500
Message-ID: <CAP79kiT5fNWbjmQ7qYNoX35hcbfji+k1z+TUmtcmO4FYFQHVHg_at_mail.gmail.com>



Well, that's interesting.

If it we're me , I'd reset all the non-application (users) passwords to a temp password and expire them to have the users enter a new password at logon.

Password expiration and prompting only works across OCI calls and not JDBC however so you may have to give them the "alter user" statement so they can reset their password after logging in with the temp password.

Chris

On Nov 14, 2018 5:26 PM, "Jeff Chirco" <backseatdba_at_gmail.com> wrote:

I am working on upgrading our 11.2.0.4 database to 12.2.0.1. In this 11g database we had sec_case_sensitive_logon disabled but I am enabling it in 12c. I have users with "PASSWORD_VERSIONS" set to "10G 11G', and on the 12c side I have SQLNET.ALLOWED_LOGON_VERSION_SERVER = 10 set in sqlnet.ora

However I am noticing that when I try to connect in 12c I have to enter the password in the same case that it was originally created on 11g even though password case sensitivity was off. I thought the sqlnet setting of ALLOWED_LOGON_VERSION_SERVER=10 would allow this?

My ideal behavior would be: in 12c users allow previously created users to authenticate with any case password, but for newly created users (or users that change their password) foce password case sensitivity. We have a lot of users and some of them may not realize what case they originally created their password with.

Let me know if you think this is possible.

Thanks,

Jeff

--
http://www.freelists.org/webpage/oracle-l
Received on Wed Nov 14 2018 - 23:32:08 CET

Original text of this message