Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: How should passwords be stored in a database?

Re: How should passwords be stored in a database?

From: <lbudney-usenet_at_nb.net>
Date: 03 Sep 2001 16:51:00 -0400
Message-ID: <m3bsks577v.fsf@peregrine.swoop.local> 





Andrew Allen <ajallen_at_mailhost.det.ameritech.net> writes:

>




> The proper way to store passwords in an Oracle database.  IMNSHCO, do it

> like (or similar to) the way Oracle does it:

[snip]



That's a fine way.



> If you must be able to return a password to the user who forgot his,

> then use the Oracle Obfuscation Tool Kit -- available in Oracle 8.1 +  .




That's not. The correct thing to do in this situation is to generate a new
password.



--Len.



-- 
Commodity businesses achieve good levels of profitability only when
prices are fixed in some manner or when capacity is short.
					-- Warren Buffett, 1985


Received on Mon Sep 03 2001 - 15:51:00 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US