Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Secure oracle password length

Re: Secure oracle password length

From: Maxim Anisiutkin <manisiutkin_at_grtcorp.com>
Date: 25 Feb 2002 11:24:30 -0800
Message-ID: <71ce14f2.0202251124.78704baa@posting.google.com> 





Hi Rick,



> I hate to correct you, Howard, but Oracle passwords *are* encrypted. The

> algorithm is modified DES or Triple DES, depending on the version.




I'm sorry, but we are talking about password hashes stored in
sys.user$ table.


It cannot be *encrypted* because that field simply doesn't have enough
room for *encrypted* values of passwords (I know that it's
varchar2(30), but Oracle uses only the first 16 bytes). Probably, you
mean SQL*Net password *encryption*...



Maxim.
Received on Mon Feb 25 2002 - 13:24:30 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US