Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: Oracle Password Encryption Algorithm

Re: Oracle Password Encryption Algorithm

From: Chris Urban <christopher.urban_at_msfc.nasa.gov>
Date: 1997/03/13
Message-ID: <33282EA5.1041@msfc.nasa.gov>#1/1 







Rob van Lopik wrote:



> > If the alogorithm were published, it would kind of defeat the purpose

> > of having a password now, wouldn't it???

> 

> No, it doesn't, because it is supposed to be one-way only. Your password

> gets hashed into something that is stored in the database, but the

> algorithm cannot be run the other way around, that is, you cannot produce

> the clear password from the rubbish that you will find in DBA_USERS.

> Give me one week, an encoded password, and a 'one way' algorithm and I 

guarantee you I can come up with the original password. This would pose a 
major security risk for Oracle to publish. Lets be realistic.
Received on Thu Mar 13 1997 - 00:00:00 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US