William, You may set to remote_os_authent to FALSE (default value) to prevent any one from logging in as OPS$ account or you may change value of os_authent_prefix to any string other than OPS$. HTH - Mayen "Blanchard, William" <wblanchard@xxxxxxxxxxxxxxxxxxxx> Sent by: oracle-l-bounce@xxxxxxxxxxxxx Jun 11 2010 01:02 PM Please respond to wblanchard@xxxxxxxxxxxxxxxxxxxx To ORACLE-L <oracle-l@xxxxxxxxxxxxx>, oracledba@xxxxxxxxxxx cc Subject Replacing OPS$ accounts Greetings, We have a legacy app that is currently using OPS$ accounts to log the users into the database. Since this is a purchased application that is no longer supported by the company we purchased it from, changing the code isn’t possible. Has anyone found a way to get rid of these accounts? If not, is there a “best practice” for locking down the OPS$ accounts? Thank you, WGB - This email and any information, files, or materials transmitted with it are confidential and are solely for the use of the intended recipient. If you have received this email in error, please delete it and notify the sender.