Re: Encrypting a data field

You should provide them with a view of your tables without the password information. Because if you provide the encrypted data; it lets them use it to try decrypt the data.

Nancy Whitney (whitney_at_apk.net) wrote:
: "joachim Carlsson" <IKEA-joachim.carlsson_at_neurope.ikea.com> wrote:

: The reason I want to encrypt this field is because there are several
: groups asking if they can copy the contents of the Oracle database to
: various places like into an LDAP database or into a Domino database,
: which they would then replicate all over the place. The only field in
: that database that would be sensitive if they did this is the
: password.

: >There is (almost) no reason to encrypt the passwords. Since when you have
: >broken into the operatingsystem you can allways break into oracle if you
: >want to. If you can logon to machine with the database you can get onto
: >oracle without two many minutes of trouble.

: >You know that you can steel the password from any oracle user in unix system
: >within a few secs?

: Nancy

--
While DSC may claim ownership of all my ideas (on or off the job), DSC does not claim any responsibility for them. Warranty expired when you opened this article and I will not be responsible for its contents or use. Received on Tue May 05 1998 - 12:14:02 CDT