| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Exciting Oracle News :: Oracle DB Worm Code Published :: Oracle Passwords Crack in Mere Minutes
Joel,
This seems simple enough to me:
select 'connect '||username||'/'||username||'@<mydb>'||chr(10)||
'SELECT ''ALTER USER ''||username||'' PASSWORD EXPIRE ACCOUNT
LOCK;'' from user_users;'
from dba_users
order by username
/
connect, spool and run it.
edit the spool file, read it and run it.
if the account is open with a username/password being the same, it deserves to be expired and locked - with questions asked later.
applying that to production might involve some politics, however.
use at own risk ... blah, blah ...
bonus points if it creates a table named "X" :)
-bdbafh Received on Thu Nov 03 2005 - 18:17:01 CST
 |
 |