The DBA_USERS view includes a PASSWORD_VERSIONS column that indicates the database release in which the password was created or last modified. If we enable case sensitivity, authentication is done against the mixed case password.
#GENERATE PASSWORDS NO CAPS CODE#
The following code disables case sensitivity and creates a new user with a mixed case password.Īs you would expect, connection to the user is possible regardless of the case of the password. The important thing to remember here is even when case sensitive passwords are not enabled, the original case of the password is retained so it can be used if case sensitivity is subsequently enabled. Warning: You are no longer connected to ORACLE.īy switching the SEC_CASE_SENSITIVE_LOGON initialization parameter to FALSE we are able to connect using both variations of the password.ĪLTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON = FALSE ORA-01017: invalid username/password logon denied We can see the case sensitive password functionality in operation if we attempt to connect to the new user with both the correct and incorrect case password. First, it resets the SEC_CASE_SENSITIVE_LOGON initialization parameter to TRUE and creates a new user with a mixed case password.ĪLTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON = TRUE The following code demonstrates the case sensitive password functionality. SQL> ALTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON = FALSE SQL> SHOW PARAMETER SEC_CASE_SENSITIVE_LOGON If existing applications struggle to authenticate against 11g, you can use the ALTER SYSTEM command to turn off this functionality. The SEC_CASE_SENSITIVE_LOGON initialization parameter gives control over case sensitive passwords. The Database Configuration Assistant (DBCA) allows you to revert these settings back to the pre-11g functionality during database creation. Home » Articles » 11g » Here Case Sensitive Passwords in Oracle Database 11g Release 1Ĭase sensitive passwords (and auditing) are a default feature of newly created Oracle 11g databases.
0 kommentar(er)
