| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Secure oracle password length
Thanks, Maxim. That's exactly what I was talking about, and exactly what I
thought (as I think another of my posts in this thread explains).
Good... I'm glad Rick raised the challenge (always good to be made to think fresh), and I'm glad it would seem I was correct after all.
Cheers,
HJR
-- ---------------------------------------------- Resources for Oracle: http://www.hjrdba.com =============================== "Maxim Anisiutkin" <manisiutkin_at_grtcorp.com> wrote in message news:71ce14f2.0202251124.78704baa_at_posting.google.com...Received on Mon Feb 25 2002 - 13:49:20 CST
> Hi Rick,
>
> > I hate to correct you, Howard, but Oracle passwords *are* encrypted. The
> > algorithm is modified DES or Triple DES, depending on the version.
>
> I'm sorry, but we are talking about password hashes stored in
> sys.user$ table.
> It cannot be *encrypted* because that field simply doesn't have enough
> room for *encrypted* values of passwords (I know that it's
> varchar2(30), but Oracle uses only the first 16 bytes). Probably, you
> mean SQL*Net password *encryption*...
>
> Maxim.
 |
 |