Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.misc -> Re: Encrypting a data field
You should provide them with a view of your tables without the password
information. Because if you provide the encrypted data; it lets them
use it to try decrypt the data.
Nancy Whitney (whitney_at_apk.net) wrote:
: "joachim Carlsson" <IKEA-joachim.carlsson_at_neurope.ikea.com> wrote:
: The reason I want to encrypt this field is because there are several
: groups asking if they can copy the contents of the Oracle database to
: various places like into an LDAP database or into a Domino database,
: which they would then replicate all over the place. The only field in
: that database that would be sensitive if they did this is the
: password.
: >There is (almost) no reason to encrypt the passwords. Since when you have
: >broken into the operatingsystem you can allways break into oracle if you
: >want to. If you can logon to machine with the database you can get onto
: >oracle without two many minutes of trouble.
: >You know that you can steel the password from any oracle user in unix system
: >within a few secs?
: Nancy
--
While DSC may claim ownership of all my ideas (on or off the job),
DSC does not claim any responsibility for them. Warranty expired when you
opened this article and I will not be responsible for its contents or use.
Received on Tue May 05 1998 - 12:14:02 CDT