RE: password complexity -- implementing security changes

  • From: "Smith, Steven K - MSHA" <Smith.Steven@xxxxxxx>
  • To: <oracle-l@xxxxxxxxxxxxx>
  • Date: Fri, 3 Mar 2006 13:26:01 -0700

Try an Oracle password with a '@' in it.  That one took awhile to figure
out the first time I saw it.


Steve Smith
Envision Technology Partners / MSHA MSIS Team
Desk: 303-231-5499




-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of MARK BRINSMEAD
Sent: Friday, March 03, 2006 1:22 PM
To: jkstill@xxxxxxxxx
Cc: venu_potluri@xxxxxx; rjamya@xxxxxxxxx; wbfergus@xxxxxxxx;
oracle-l@xxxxxxxxxxxxx
Subject: Re: password complexity -- implementing security changes


Okay, so why is *that* a problem?  After all,
last time I checked, Oracle database passwords
were case-insensitive anyway...

Special characters, on the other hand, *can* be a 
problem.  I seem to recall even SQL*Plus giving 
me considerable grief with a password that 
contained "/" characters...  No wait; it was a 
Pro*C application.



----- Original Message -----
From: Jared Still <jkstill@xxxxxxxxx>
Date: Friday, March 3, 2006 12:30 pm
Subject: Re: password complexity -- implementing security changes

> 
> 
> One thing the verify_function cannot do is enforce  upper or lower
> case.Try it, case doesn't matter.
> 
> While on the subject, be careful with those special characters.
> 
> Some applications  do not like them.
> 
> Net Backup for instance will not work if there is a @ or ^ in the
> passwordfor the account used to do backups.
> 
> 
> 
> Jared Still
> Certifiable Oracle DBA and Part Time Perl Evangelist
> 

--
//www.freelists.org/webpage/oracle-l

--
//www.freelists.org/webpage/oracle-l


Other related posts: