Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Password Encryption

Re: Password Encryption

From: <rwessman_at_us.oracle.com>
Date: 13 Jul 1998 10:54:09 -0400
Message-ID: <un2ader8u.fsf@us.oracle.com> 





"Kirk Helfand" <khelfand_at_sqlauditor.com> writes:



> 


> Does anyone know how Oracle Encrypts passwords? What encryption algorithms?


> Is there are public domain code that shows how to duplicate the encryption


> without using alter user identified by password.


> 




Oracle uses a modified DES algorithm which is proprietary.



> In other words, how is 'alter user identified by' working?


The password is encrypted one-way and stored. Subsequent logons are verified
by encrypting the password and then comparing it against the stored
encrypted password.



-- 

                                        Rick
                                        Rick Wessman
                                        Distributed Data Security
                                        Oracle Corporation
                                        rwessman_at_us.oracle.com


Received on Mon Jul 13 1998 - 09:54:09 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US