Re: How to prevent password changes?
Date: Fri, 2 Dec 1994 14:51:43 GMT
Message-ID: <D06uM8.Cus_at_lanier.com>
In article <D05DGI.EHx_at_nl.oracle.com>,
Carl Gohringer <cgohring_at_uk.oracle.com> wrote:
>ditommaso_at_ebi.ac.uk (MATTEO DITOMMASO) writes:
>: Question: using ORACLE 6 on Alpha/VMS how can I prevent a
>: user from changing their own password using GRANT CONNECT?
>:
>
>You can't.
^^^^^^^^^^
Sounds like a challenge :-)
If you are really serious about preventing users from changing their passwords, you might try another approach -- instead of making it impossible, just make it undesirable. Keep a record of what you think their password should be in some secure file. Periodically attempt to connect as that user using what you think the password is. (This is an automatic process, of course.) If you can't connect, they must have changed their password, and you can take whatever action is appropriate -- remove their userid, send them mail, send their manager mail, send their mother mail, etc. Do this once or twice and word will get around. If users complain, you say, "Sorry, that's the way the system works", which will be true if you made the system work that way. :-) The last thing a user wants is to shoot himself in the foot.
But I'm wondering, why wouldn't you want a user to change his password?
Donald E. Vick (dvick_at_lanier.com, dvick_at_crl.com) Voice: (404) 493-2194 Fax: (404) 493-2399 Received on Fri Dec 02 1994 - 15:51:43 CET