Re: Verifying passwords have been changed in oracle

Daniel Morgan <dmorgan_at_exesolutions.com> wrote:
> Security is best instituted before you start using a database, not after the fact.
> But you can still accomplish the goal by expiring all passwords and forcing them
> to be reset.

Yes, we _should_ be doing this security stuff when the database is built. Our procedures require it. I need to verify that it has been done; that the production DBAs didn't make a mistake or accidentally miss a step.

This is auditing; ie confirmation that stuff has been done properly. I'm not enforcing or changing things.

-- 
                                 Stephen Harris
                              sweh_at_spuddy.mew.co.uk
      The truth is the truth, and opinion just opinion.  But what is what?
       My employer pays to ignore my opinions; you get to do it for free.