I don't think you are stupid; I do think you forgot or misinterpreted what
the Oracle instructor told you. I have used the "trick" that the Oracle
instructor told you to move users from one database to another and keep
their password without me knowing what the password was. That's not hacking
the password, still secure; its just maintenance.
Jim
"John" <jriker1_at_yahoo.com> wrote in message
news:e6bb5a8d.0204071847.32228d33_at_posting.google.com...
> Don't think so. First you accuse me of wanting to hack people's
> passwords, then you basically call me stupid. And after that you want
> me to take the time to decrypt a password for you. Sorry, but I've
> had nicer proposals then that.
>
> JR
>
> damorgan <damorgan_at_exesolutions.com> wrote in message
news:<3CAE4009.54A599A5_at_exesolutions.com>...
> > Please be so kind as to demonstrate this method to the group.
> >
> > Here's a password to unencrypt. FF1E47B18F4721AB
> >
> > I'll send you a nice crisp US $20 bill for the correct answer.
> >
> > I suspect what the instructor taught you was something entirely
different that involved changing the
> > password and then replacing the password with its original. A far cry
from breaking the encryption
> > algorithm and rendering Oracle security worthless.
> >
> > Daniel Morgan
> >
> >
> >
> > John wrote:
> >
> > > First of all it is not impossible. During my Oracle backup and
> > > recovery class, the instructor, from Oracle, showed us how to convert
> > > the encrypted values to actual values. And your assumptions that I
> > > would either be inexperienced or do not understand the Oracle security
> > > model are profoundly wrong. I just no longer want to use Oracle for
> > > my security model. If you read my message, you would have seen that
> > > the commercial application that I am using now uses Oracle users for
> > > logins. The new system does not, and rather then asking 5000 people
> > > to re-enter their information on a new system, it was my hope that we
> > > would migrate it into the table and format that the application
> > > requires. Our group is the one who assigned these passwords to the
> > > users in the first place, however they were not tracked till recently.
> > >
> > > JR
> > >
> > > damorgan <damorgan_at_exesolutions.com> wrote in message
news:<3CAB26BA.B7C90CD2_at_exesolutions.com>...
> > > > It is impossible.
> > > >
> > > > Were it possible there would be no security in an Oracle database.
> > > >
> > > > And, quite frankly, there are only two reasons I can conceive of for
> > > > wanting unencrypted passwords belonging to other users. One is a
lack of
> > > > experience so profound that you don't understand the Oracle security
> > > > model. The other that you are trying to hack the system.
> > > >
> > > > Daniel Morgan
> > > >
> > > >
> > > >
> > > > John wrote:
> > > >
> > > > > I have a system that used oracle users for logins. The passwords
are
> > > > > of course encrypted. Our new system uses it's own table for
> > > > > validation of logins. I need to copy over the usernames and
passwords
> > > > > from the dba_users table, into a seperate table, and have the
> > > > > passwords be unencrypted so it can read them. Is there an easy
way to
> > > > > do this? Thanks.
> > > > >
> > > > > JR
Received on Mon Apr 08 2002 - 08:13:52 CDT
