RE: Pete Finnigan's Oracle database password checker

  • From: "Bort, Guillermo" <guillermo.bort@xxxxxxx>
  • To: <JHostetter@xxxxxxxxxxxxxxxxxxxx>, <oracle-l@xxxxxxxxxxxxx>
  • Date: Wed, 8 Oct 2008 09:05:19 -0500

I assumed that was obvious, I just printed a cound of 'found' passwords.
I should tweak it to show me the usernames at least, so I can alert the


Guillermo Alan Bort
DBA / DBA Main Team

EDS, an HP company
-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Hostetter, Jay M
Sent: Wednesday, October 08, 2008 10:53 AM
To: oracle-l@xxxxxxxxxxxxx
Subject: RE: Pete Finnigan's Oracle database password checker

Just a side note here - you might want to double-check your company's
policy on running a utility like this against a production database.  At
the very least, I would have to modify the script so that it would NOT
show me what the cracked passwords are.  Otherwise it would be cause for
termination of my employment.


Other related posts: