Re: Encryption routine in PL/SQL

Jon Osborne wrote:
>
> Hi,
>
> I've got to write a security subsystem for an Oracle application I'm
> developing in Forms 4.5. Oracle's security requirements are not
> stringent enough as regards things such as password expiry and reuse.
> So we have to build this ourselves.
>
> The only thing I'm struggling with is the concept that all our passwords
> MUST be only held in encrypted form in our own password table. So we
> need a reliable encrpytion routine that we can call when supplied with
> the user's unencrypted password. Does anyone know of such a thing that
> I can graft into my form?
>
> Many thanks, Jon.

Jon,

Oracle8 has significant improvements in password handling, including password aging, account lock out after failed login attempts, and password reuse. Email me privately if you'd like more details.

If you must stay in an Oracle7 environment, I've heard good things about SQL Secure from Braintree.

Tim

opinions are my own and not Oracle's Received on Mon Jul 21 1997 - 00:00:00 CDT