Re: Can ORACLE DBA tell me forgotten password?

In article <kpalm.729994440_at_doc> kpalm_at_doc.qualcomm.com (Kent Palm) writes:
>janw_at_fwi.uva.nl (Jan Wortelboer) writes:
>
>>If it is ORACLE 5 it's no problem, i once hacked a program
>>to generate password's given the simple crypted strings.
>>ORACLE wasn't all to happy, they lost a large account.
>
>So, where's the hack?

I missed the original problem statement, but if a user has forgotton his password I'm pretty sure the DBA can just reset it. GRANT CONNECT TO USER IDENTIFIED BY PASSWORD should overwrite the existing password. Then the user can login and change it to something new.

In the V5 days at Oracle we used to patch the SYS password in the database file for customers who had forgotton what they changed it to. There was a certain location, which I now forget, which always contained the same bytes for CHANGE_ON_INSTALL, the original value. I forget if this still works in V6, but you really don't need it with CONNECT INTERNAL anymore.

• Dan

Daniel Druker
Anderson Graduate School of Management at UCLA                    

| Dan Druker                                                               |
| agsm mail 	: ddruker                                                  |
| internet 	: ddruker_at_agsm.ucla.edu                                    |
| oracle*mail	: unix:ddruker_at_agsm.ucla.edu                               |
----------------------------------------------------------------------------

Disclaimer: None. I'm a student now and I don't care what you think. Received on Thu Feb 18 1993 - 02:54:47 CET