Re: Oracle Password Encryption Algorithm

In <33282EA5.1041_at_msfc.nasa.gov> Chris Urban <christopher.urban_at_msfc.nasa.gov> writes:
>Rob van Lopik wrote:
 

>> > If the alogorithm were published, it would kind of defeat the purpose
>> > of having a password now, wouldn't it???
>>
>> No, it doesn't, because it is supposed to be one-way only. Your password
>> gets hashed into something that is stored in the database, but the
>> algorithm cannot be run the other way around, that is, you cannot produce
>> the clear password from the rubbish that you will find in DBA_USERS.
>> Give me one week, an encoded password, and a 'one way' algorithm and I
>guarantee you I can come up with the original password. This would pose a
>major security risk for Oracle to publish. Lets be realistic.

Do this for the Linux login and then come back to us. :-)) Please be silent till then.

Best regards

        Martin

-- 
               Martin Schr"oder, MS_at_Dream.HB.North.DE
- If I start up a C shell and put it up to my ear, what will I hear?
- You'd hear the sound of the C, of course, as it repeatedly crashes
       on the silicon beach.  (The Usenet Oracle, Jan 1993)