Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Adding some random characters to Oracle password

Re: Adding some random characters to Oracle password

From: Igor Laletin <ilaletin_at_usa.net>
Date: 26 Oct 2004 23:03:42 -0700
Message-ID: <f9226414.0410262203.3acb69f4@posting.google.com> 





premmehrotra_at_hotmail.com (Prem K Mehrotra) wrote in message news:<43441e77.0410261253.5fd5c1ce_at_posting.google.com>...
...


> Application is a Web based Oracle Forms 6i  application which runs on

> a Windows Server, it then connects to database on HP UNIX.

... 


> 2. My auditors  told me Oracle has some tool where some random

> characters are added to password, so user will not know these

> characters (so they cannot make direct connection?)/  I have not heard

> of anything like that until now. Does anyone have more information on

> it? Auditors said instead d of creating  logon triggers, I can

> probably use this tool.




AFAIK there is no such Oracle tool. What they probably mean is:
- encrypt user _application_ password with some utility
- create database account identified by encrypted password.



Login:

- user logs into application tier with application password
- apps tier uses the same utility/algorithm to encrypt submitted password
- apps tier logs into Oracle database using encrypted password.





Siebel can work this way. Anyway, you should ask for the clarifications.



Cheers,


Igor
 


> Thanks a lot?

> 

> Prem

Received on Wed Oct 27 2004 - 01:03:42 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US