Re: Oracle Password Encryption Algorithm

From: David Trahan <DaveTrahan_at_sqlsecure.com>
Date: 1997/04/03
Message-ID: <5i0b89$363$1_at_gestalt.direcpc.com>#1/1


Michael Jessen <mjessen_at_westpac.com.au> wrote: <snip>

>What about setting aside a special userid, and test the co-worker's
>password by having your code change the special userid's password to
>the co-worker's value. Then, after Oracle has encrypted this, look
>into dba_users and compare the co-worker's actual userid's password
>with the special userid's password - they should now match.
 

>Mike.

Negative.

[Quoted] The encryption uses the username as part of the key, so the same password will encrypt to different values for different users.                  Received on Thu Apr 03 1997 - 00:00:00 CEST

Original text of this message