| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.misc -> Re: password encryption for test-tool
Alexander Wohrer wrote:
> I'm trying to test (a lot of) db's if there are "weak accounts" like
> password=password, password=hostname,....
> For this I need to check the hashes stored in the dba_users table and I
> don't want to
> create users in an test-db with the different passwords to get the needed
> hashcode!
>
> Is there a function which gives me the 16 digit hash code stored in the db
> for a give user-password combination?
If I understand your question ... no.
But in Oracle one can very easily make such passwords impossible to create by creating a PROFILE with a password verification function..
Look in $ORACLE_HOME\rdbms\admin for the file utlpwdmg.sql. This file contains everything you need to accomplish the goal and much more.
Daniel Morgan Received on Thu Jul 11 2002 - 10:40:47 CDT
 |
 |