Re: ORA-28002 When Using Hash

"Michel Cadot" <micadot{at}altern{dot}org> wrote:

>
>"Jim McMahon" <jp_mcmahon_at_hotmail.com> a écrit dans le message de
>news:41bbe93e.109107601_at_nntp.charter.net...

<snip>
>> jp_mcmahon_at_hotmail.com (Jim McMahon in real life)
>
>Error 28002 is not related to password verification function but to password expiration:
>ORA-28002 the password will expire within n days
>This is error 28003 that is related to password function:
>ORA-28003 password verification for the specified password failed
>
>So, use (correct) error message instead of (wrong) error number,
>we have not always an error messages book at hand.
>
>To answer your question, if password verification function is active then
>the error is always fire as Oracle is unable to check the hash value.
>There is no way to "unhash". Hashing is one way process, you can't go back
>and retrieve the original value.
>
>Btw, is there anyone thinking that enabling the password function creates a hole
>in security as then Oracle also stores the current password in a non-hash form?
>
>Regards
>Michel Cadot
>
>
>

Thank you for responding and especially for pointing out that I referenced the wrong error number. My apologies for doing so. I should have been more careful.

That Oracle can't run password verification when using the hash value syntax is important to know.

I guess we'll stick with what I originally recommended to my DBA, of turning off the password verification, changing the password, and then turning it back on.

Thanks again for your help. I'll be interested in seeing what others have to say about your final question, but I'm not qualified to comment.
Being ordinary and nothing special is a full-time job. jp_mcmahon_at_hotmail.com (Jim McMahon in real life) Received on Sun Dec 12 2004 - 13:16:15 CST