Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Password alternatives

Re: Password alternatives

From: Vin McLellan <vin_at_theworld.com>
Date: Thu, 25 Dec 2003 13:40:22 -0500
Message-ID: <bsfav5$ob4$1@pcls4.std.com> 





Merry Christmas, Richard!



Did you know that Oracle has several web-based seminars and online tutorials
about enhancing Oracle authentication with RSA identity and access
management tech? See:


http://www.oracle.com/start/rsasecurity/intro.html?src=1424069&Act=5



Oracle and RSA have had a close partnership relationship for almost a
decade, so there is bound to also be a lot of user experience to call upon.



Oracle's first attempt to push beyond the trials and tribulations of mere
passwords was in Oracle 7.3, when Oracle integrated SecurID tokens and
Kerberos support in its Advanced Networking Option (ANO).  ANO was the
precursor to the Advanced Security Option (ASO), which -- in Oracle 8i
(8.1.5) and Oracle 8i Enterprise Edition v2 (8.1.6) -- also offered
RSA-branded crypto modules for network and database encryption,
certificate-based authentication, and data integrity assurance.



I know Oracle Advanced Security 9i now supports ACE/SecurID using the
two-factor authentication mode of Oracle's native RADIUS client.  It's been
awhile since I worked with RSA, however, so I don't know if the new Oracle
servers still support RSA's own ACE client/server protocol, which had a
couple of nice additional security features.



Hope this helps.



Suerte,



        _Vin






"Richard" <qaz1521_at_hotmail.com> wrote:



> I recently inherited a database with several hundred user accounts, each

> with a separate password.  Each account needs to be accessed frequently by

a


> number of operators in order to manage the database application. Security

> policies preclude the recording of passwords in an easily accessible

format


> (e.g. writing them down). The passwords are changed regularly - sometimes

by


> users who forget to tell anybody what the new password is!

>

> Chaos reigns supreme!

>

> There must be a better way to authenticate users.  Does anybody have any

> opinions or suggestions? Hardware solutions, like biometric devices or

smart


> card readers, are not an option due to cost.

>

> I wondered whether the use of SecurID cards might provide a solution.

I've


> used SecurID to authenticate dialup users but never to authenticate Oracle

> users.  I'd be interested to hear from anybody who has used SecureID with

> Oracle 8/9.  Does it work well?  Can a single card be used to access

> multiple Oracle accounts?




<snip>




"Cryptography is like literacy in the Dark Ages. Infinitely potent, for
good and ill... yet basically an intellectual construct, an idea, which by
its nature will resist efforts to restrict it to bureaucrats and others who
deem only themselves worthy of such Privilege."
_ A Thinking Man's Creed for Crypto  _vbm.



Received on Thu Dec 25 2003 - 12:40:22 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US