Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Verifying passwords have been changed in oracle
Stephen Harris wrote:
> Daniel Morgan <dmorgan_at_exesolutions.com> wrote:
> > Security is best instituted before you start using a database, not after the fact.
> > But you can still accomplish the goal by expiring all passwords and forcing them
> > to be reset.
>
> Yes, we _should_ be doing this security stuff when the database is built.
> Our procedures require it. I need to verify that it has been done; that
> the production DBAs didn't make a mistake or accidentally miss a step.
>
> This is auditing; ie confirmation that stuff has been done properly. I'm not
> enforcing or changing things.
>
> --
> Stephen Harris
> sweh_at_spuddy.mew.co.uk
> The truth is the truth, and opinion just opinion. But what is what?
> My employer pays to ignore my opinions; you get to do it for free.
The only way to audit security is to try to break in.
Daniel Morgan Received on Mon Nov 11 2002 - 14:55:41 CST