Password alternatives

I recently inherited a database with several hundred user accounts, each with a separate password. Each account needs to be accessed frequently by a number of operators in order to manage the database application. Security policies preclude the recording of passwords in an easily accessible format (e.g. writing them down). The passwords are changed regularly - sometimes by users who forget to tell anybody what the new password is!

Chaos reigns supreme!

There must be a better way to authenticate users. Does anybody have any opinions or suggestions? Hardware solutions, like biometric devices or smart card readers, are not an option due to cost.

I wondered whether the use of SecurID cards might provide a solution. I've used SecurID to authenticate dialup users but never to authenticate Oracle users. I'd be interested to hear from anybody who has used SecureID with Oracle 8/9. Does it work well? Can a single card be used to access multiple Oracle accounts?

Thanks,

Richard Received on Tue Dec 23 2003 - 19:12:41 CST