Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.tools -> Re: verify existing oracle password before changing
There is a bit of a hole in that one, though, as you could set a profile that restricts password re-use -e.g. mustn't use the same password within 6 months, mustn't use the same password again unless it has changed 5 times in the interim.
An idea I am working with is to use a BEFORE DDL database trigger that fires on an ALTER and acquires the value dbms_standard.des_encrypted_password, then mucks about when this is not null to avoid the alter user.
The trouble at present is the des_encrypted_password doesn't seem to have much to do with what Oracle stores as the password - back to the drawing board.
-- Jonathan Lewis Yet another Oracle-related web site: http://www.jlcomp.demon.co.uk Thomas J. Kyte wrote in message <8g0kf0$pu6$1_at_nnrp1.deja.com>...Received on Tue Jun 06 2000 - 00:00:00 CDT
>there is nothing builtin to do that. In order to do that, you can
>
>- save their current digested password
>- alter them to have the password they give you that you want to check
>- read that digested password out
>- compare them
> - if different put the first digest back return FALSE
> - else return TRUE
>