Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: username and password storage
Hi, Nathan:
Since you are in a Windows environment, I *strongly* suggest using Windows authentication. It allows users to connect without having to specify a password.
Generally, hard coding user credentials is extremely insecure. Storing them in the registry will expose them to anyone with administrator privilege.
Rick
n article <8e9777d1.0204030528.3b0380c7_at_posting.google.com>,
nathan_hodgen_at_yahoo.com says...
>
>Thanks Daniel,
>
>I am sorry. When I said client, I did not mean an Oracle client. I
>meant any general client like a COM object or an ADO connection.
>
>The users I have supported in the past have either hardcoded the login
>credentials in their code or stored them in the registry (speaking of
>a windows environment). Is there a better way to do this?
>
>Thanks again,
>Nathan
>
>damorgan <damorgan_at_exesolutions.com> wrote in message
>news:<3CA9D663.45F5BDE2_at_exesolutions.com>...
>> Typically in an Oracle application one never stores them.
>>
>> Which part of the Oracle security model doesn't work for you.
>>
>> Daniel Morgan
>>
>>
>>
>> Nathan Hodgen wrote:
>>
>> > What is the standard place, if there is one, for storing username and
>> > password for an Oracle account in a client? Traditionally (in a
>> > windows 2k envirnoment), I have stored the connect string encrytped in
>> > the registry.
>> >
>> > THANKS,
>> > Nathan
Rick Wessman Oracle Corporation The opinions expressed above are mine and do not necessarily reflect those of Oracle Corporation.Received on Wed Apr 03 2002 - 07:55:39 CST