RE: Clear text credentials?

• From: Upendra N <nupendra@xxxxxxxxxxx>
• To: <oracle-l@xxxxxxxxxxxxx>
• Date: Tue, 1 Mar 2011 14:59:50 -0500

I found this documentation which confirms that 10g onwards client is encrypting 
the passwords:
http://download.oracle.com/docs/cd/B19306_01/win.102/b14304/admin.htm#sthref294

My other question still stays open.. is there a toned down version of ASO (40 
or 56-bit) encryption available for free?
Thanks
-Upendra



From: nupendra@xxxxxxxxxxx
To: oracle-l@xxxxxxxxxxxxx
Subject: Clear text credentials?
Date: Tue, 1 Mar 2011 14:38:26 -0500








Hello guys,
Question..
When someone connects from Host_A to Host_B and if the communication is not 
encrypted using Advanced Security Option (ASO) or a similar mechanism, would 
the user credentials be sent in Clear Text? If so, is there a way to secure it? 
The requirement is to protect the username/password without using ASO/SSH 
Tunnel. 

If my memory serves correctly, a lower version of ASO (40 or 56-bit) encryption 
is available for free? Is that true?

Your feedback is appreciated.
Thanks 
-Upendra

                                          

• Follow-Ups:
  • Re: Clear text credentials?
    • From: Andre van Winssen

• References:
  • auditing table help
    • From: Alessandro Lia
  • RE: auditing table help
    • From: TJ Kiernan
  • Re: auditing table help
    • From: Alessandro Lia
  • Clear text credentials?
    • From: Upendra N

Other related posts:

• » Clear text credentials?- Upendra N
• » RE: Clear text credentials? - Upendra N
• » Re: Clear text credentials?- Andre van Winssen

1. Home
2. oracle-l
3. Archive
4. 03-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---