From: Michael Ho <infoage@hk.super.net>
Subject: Re: Oracle Password Encryption Algorithm
Date: 1997/04/04
Message-ID: <3343E7E3.6B4A@hk.super.net>#1/1
References: <3326d1d1.1028394901@news.sas.ab.ca> <5g734c$ecm$1@newsin-1.starnet.net> <332756E8.556C@medicalert.org> <332d811a.1950385@news.sas.ab.ca> <01bc33e7$6d323480$dd141b91@oracle.kpmg.nl> <3331BEA3.19B4@westpac.com.au> <5i0b89$363$1@gestalt.direcpc.com>
To: David Trahan <DaveTrahan@sqlsecure.com>
Organization: Infoage Consultant
Newsgroups: comp.databases.oracle.misc,comp.databases.oracle.server,comp.databases.oracle.tools



David Trahan wrote:
> 
> The encryption uses the username as part of the key, so the same
> password will encrypt to different values for different users.

You are right on this, but by the way, do you know the encryption
algorithm used by oracle, since I'm doing a security review.