Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: ORA-28002 When Using Hash

Re: ORA-28002 When Using Hash

From: Michel Cadot <micadot{at}altern{dot}org>
Date: Tue, 14 Dec 2004 08:21:17 +0100
Message-ID: <41be9373$0$25293$636a15ce@news.free.fr> 






"Anurag Varma" <avdbi_at_hotmail.com> a écrit dans le message de
news:mWpvd.7$DQ3.4_at_twister.nyroc.rr.com...


>

>

> I too agree with Mark. Oracle does not store the old password in clear text form. If password

history is enabled, then


> oracle stores the password hash.

> You seem to be referring to the password verification function which requires the old password to

be


> supplied to it.

> In that case, the old password needs to be supplied by the user when changing the password.

> In sqlplus this would be done by the "password" command.

>

>

> Anurag

>




Yes, i was talking about the later and i missed that you have to provide the old passord.
I thought Oracle provides it automatically when you execute an "alter user ... identified by".



In addition, for those like me that didn't know it, with "alter user" you can provide the old
password with the "replace" clause:


alter user ... identified by <newpsw> replace <oldpsw>;
but be aware that the old password is only used/checked if you change your own password
_and_ if you don't have the "alter user" system privilege.



Many thanks for the clarification.


Michel Cadot
Received on Tue Dec 14 2004 - 01:21:17 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US