Re: Oracle password encryption algorithm?

From: Paul Mickel <mickel_at_OES.ORST.EDU>
Date: 6 Jul 1993 15:49:19 GMT
Message-ID: <21c6u0$19b_at_gaia.ucs.orst.edu>

In article <21brkcINNfmd_at_ctron-news.ctron.com> ratlifc_at_ctron.com (Christian A. Ratliff) writes:
>
> Is this '<mypasswd>' in plaintext or encrypted? This concerns me as
>the Oracle rep I spoke with a few weeks ago told me that their security
>was impecable. Particularly since he said they did not pass any plaintext
>passwords over the network. However, listing it in the process table is just
>as bad. :)

It is in plaintext if it is entered on the command line. I realize the danger of doing this, but since this is the case, MHO is that the Oracle products should not even ALLOW the option of entering the passwd on the command line for security reasons.....

-Paul

-- 
Paul M. Mickel			  	   Internet:mickel_at_oes.orst.edu
Database Programmer, Teledyne Wah Chang    Albany, OR   97321
Disclaimer: My employer never claims my opinions (unless it makes a profit).

Received on Tue Jul 06 1993 - 17:49:19 CEST

This message: [ Message body ]
Next message: Jean-Marc Debaud: "Re: Oracle products for stand-alone PC"
Maybe in reply to: Ruth Larson: "Re: Oracle password encryption algorithm?"
In reply to Christian A. Ratliff: "Re: Oracle password encryption algorithm?"
Next in thread: Jean-Marc Debaud: "Re: Oracle products for stand-alone PC"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message