Security :: Set Exclusive To Remote Login Password?
Nov 28, 2011i create password file in oracle 10g now i want to Set the EXCLUSIVE to REMOTE_LOGIN_PASSWORD initialization parameter. so what should i do.
View 5 Repliesi create password file in oracle 10g now i want to Set the EXCLUSIVE to REMOTE_LOGIN_PASSWORD initialization parameter. so what should i do.
View 5 RepliesWe have a production database on 11.2.0.2 version. The application user was prompted to change the password after his password expired.
USERID NTIMESTAMP# ACTION# RETURNCODE
------------------------------ --------------------------------------------------------------------------- ---------- ----------
M500796 13-DEC-11 06.11.06.065209 PM 100 28001
After changing the password he is not able to logon. The aud$ table does not show any occurrence of 1017, therefore it is not a question of Invalid password.
LVV> show parameter SEC_CASE_SENSITIVE_LOGON
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
sec_case_sensitive_logon boolean FALSE
I want to know what if any person don't know the password of SYS, can he create password file, becauase i dont know the password of sys users, generally login with '/ as sysdba',
View 4 Replies View RelatedLost Windows password? Forgot Windows password? Your PC was hacked? Therefore, it is a basic step for every Windows users to enhance the security of Windows password. In the networks, it is found that a number of user's passwords are easy to guess. Only the smallest groups are the most security conscious and select passwords that are mixed lowercase and uppercase letters, numbers and punctuation to create cryptic passwords. Adopting strong password is one of the most effective ways to ensure system security. Here are several methods for you to enhance the security of your passwords in Windows 7/2000/XP/Vista and so on. You'd better remember the methods below unless you want to reset Windows password from time to time.
1. Is random password a great password?
A common myth is that totally random passwords like Ht3&e#L%5d@$B are the best passwords. This is not true. While they may be strong passwords, they are usually difficult to remember, slow to type, and sometimes vulnerable to attacks against the password generating algorithm. It is easy to create passwords that are strong but much easier to remember by using a few simple techniques. For example, consider the password "Luck-73@Better?". This password utilizes uppercase and lowercase letters, two numbers, and three symbols. The password is 15 characters long and can be memorized with very little effort. Moreover, this password can be typed very fast. The portion"Luck" and "Better" alternate between left and right-handed keys on the keyboard, improving speed, decreasing typos, and decreasing the chances of someone being able to discover your password by watching you.
2. Create the long Windows password
Although a password may eventually be discovered through some means, it is possible to create a password that cannot be cracked in any reasonable time. If a password is long enough, it will take so long or require so much processing power to crack it. That is essentially the same as being unbreakable (at least for most hackers).
3. Create the Windows password constantly?
This may be good advice for some high-risk passwords, but it is not the best policy for every user. It is frustrating for a user to have to constantly think of and remember new passwords every 30 days. It may be better to focus on stronger passwords and better user awareness rather than limiting password age. A more realistic time for the common user may be 90-120 days.
4. Write down Windows password in a proper place
Sometimes it is necessary for some users losing and forgetting complex passwords easily to write down them somewhere proper. However, it is important to educate users on how to write down passwords properly. Obviously, a sticky note on the monitor is not a good idea, but storing passwords in a safe or even a locked cabinet may be sufficient.
5. 14 characters is the optimal password length
Each character that you add to your password increases the protection. Your passwords should be 8 or more characters in length; 14 characters or longer is the Optimal Password Length. Many systems also support use of the space bar in passwords, so you can create a phrase made of many words. It is not easier to forget and lose, as well as longer than a simple password, and harder to guess.
6. Try not to use the same Windows password for all accounts
Some users always make the same passwords for every account to make it easy to remember. In that case, when any one of them lost, your other information protected by that password will be in danger as well. It is serious to use different passwords for different systems and accounts.
7. Do not use some common words that other users maybe guess
Most of users prefer to use some common words to remember easily, for example, login name, birth date, driver's license, passport number, pets' name and other words contained their personal information someone knows. In that case, your Windows system will not be safe anymore. Moreover, do remember not to use some words spelled backwards, abbreviations, sequences or repeated characters and adjacent letters, such as, asdfgh, 123456, 888888, abcdef and so on.
You can smoothly use your Windows now because the strong and powerful Windows password is created successfully, Certainly, I believe that many users lost Windows password and forgot Windows password, then you need have to reset Windows password or recover Windows password. It is a big problem for plenty of Windows users that how to reset Windows password. how to recover Windows password and they are puzzled by resetting windows password, for instance, reset Windows 7 password, recover password Windows XP, remove Windows Vista password and other operating systems after they create the password with complex letters, numbers and symbols. However, it is unnecessary to worry and it is said that things will eventually sort themselves out. There are many ways to reset forgotten Windows password, including use windows password reset disk and windows password reset software, like Super Windows Password Reset, a professional windows password reset software which could enable you to logon to Windows smoothly without reinstalling system.
in My remote system oracle 10g installed and i don't know the login Credential details. i.e username, password,database name.
View 12 Replies View RelatedI have a Oracle 91 database running on Windows 2003 with a DBLINK setup to connect to an external client. I'm looking at how i can setup a quick job that, say every 5 mins, runs a query over the DBLINK and if it returns data, then success. If it returns an error, then the DBLINK is down, moreso the external server, and then fire off an email to someone.
However, this DBLINK i think was created to be used by a specific username/password. When i try to run a query against it using SYS, i get invalid username/password error.
So is there a way i can use a DBLINK and specify the username/pwd to be used at runtime? I'm new to Oracle database..Something like 'select * from global_name@DBLINK1 as username/pwd'.
while testing SYS remote connection in our staging server. Executing the command below is OK:
sqlplus sys/<password>@sales as sysdba
While this is mind-boggling for me...
sqlplus sys@sales as sysdba
Enter password:
ERROR:
ORA-01017: Message 1017 not found; No message file for product=RDBMS,
facility=ORA
Enter user-name:
ERROR:
Error while trying to retrieve text for error ORA-01017
I entered the correct password.I've been simulating this for a couple of times, even tried the copy-and-paste method.
I have Toad 9.6.1 already installed on my machine and have now installed Toad 10.6 . unfortunately the Save Passwords option on the Connection screen is disabled. how do I enable that option.
View 2 Replies View Related10.2.0.3 on Linux
I reset a user password and the user is unable to login as you can see below
[oracle@testdb 10.2.0]$ sqlplus sys/manager as sysdba
SQL*Plus: Release 10.2.0.3.0 - Production on Tue Nov 27 16:20:21 2012
Copyright (c) 1982, 2006, Oracle. All Rights Reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 - Production With the Partitioning, OLAP and Data Mining options
SQL> alter user sysman identified by oracle;
User altered.
SQL> Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 - Production With the Partitioning, OLAP and Data Mining options
[oracle@testdb 10.2.0]$ sqlplus sysman/oracle
SQL*Plus: Release 10.2.0.3.0 - Production on Tue Nov 27 16:20:32 2012
Copyright (c) 1982, 2006, Oracle. All Rights Reserved.
ERROR: ORA-01017: invalid username/password; logon denied
User unable to login even after password reset
I am using oracle 9i version. My problem is oracle window opens.But i can not login by typing the user name and password. while login an error is displayed as follows.
ORA-01033: ORACLE initialization or shutdown in progress.
I have installed oracle 10g database in my pc and it works fine. I can connect with sys or system user.
I have also installed oracle forms 10g in the same pc. But when I try to connect then it shows the message:
ORA-01017 invalid username/password; login denied
So I can not connect. I have tried to connect with sys or system user.
my listener getting started and database also up
but gives error
Connecting as SAPSR3/<pwd>@ECC on connection 0 (nls_hdl 0)
Logon as OPS$-user to get SAPSR3's password
If can share screen shots are some link so i can go aehad
what is the default password for SYSTEM
I have two pages
1. Login Page contains two items
P1_LOGINNAME - Textfield
P1_PASSWORD - Password
2. Data entry form created using page items. - This page is used to create new users
This page contains many items but issue with only two items.
P10_LOGINNAME - Textfield
P10_PASSWORD - Password
These items are used for creating loginname and password for new user. When i am logging with admin user ,Chrome browser prompts for save password or not save password
1. When i am logging with save password option then
LOGINNAME and PASSWORD of Login page is reflecting on the LOGINNAME and PASSWORD of Data entry page.
so how can i clear the LOGINNAME and PASSWORD item on Data entry page after login.I have tried to set blank to these fields after login
document.getElementById('P10_LOGINNAME').value = '';
document.getElementById('P10_PASSWORD').value = '';
// This is working in Firefox but not in chrome.APEX Version : 4.1
Database : 10g
I created a role,and it can not login,why?
session1:
SQL> Create Role con_role Identified By hxl;
Role created.
SQL> Grant Connect To con_role;
Grant succeeded.
SQL> Grant Create Session To con_role;
Grant succeeded.
session2:
sql>connect con_role/hxl@myserver ORA-01017: Invalid username/password.
How to disable a user's sql login? To ellaborate, I want a user to login through a certain application only with his userid on database level & not through "sqlplus username@dbname".
Is it possible? If no, then what can be done to achieve below.
I have a userid which has all the update, delete privileges on it. That id needs to be configured in the application alongwith the password. So in order to avoid misuse of that id I want to block its sql access.
I am not sure whether this can be achieved or not.
How can i use OS authentication to login db?
SQL> connect / as sysdba
ERROR:
ORA-01031: insufficient privileges
sqlnet.ora text:
# This file is actually generated by netca. But if customers choose to
# install "Software Only", this file wont exist and without the native
# authentication, they will not be able to connect to the database on NT.
#SQLNET.AUTHENTICATION_SERVICES = (NTS)
SQLNET.INBOUND_CONNECT_TIMEOUT=1
when i try to login to apex for first time (10.10.0.170:5555) it asked about server XDB username and password,i dont know which username and password i can use
View 4 Replies View RelatedHow can we create a user such that he can login only at a particular time of the day . if he try's to login other than the Time assigned ,shouldn't allow.
Can we use oracle Security policy ?
I Am unable to login in SIM 12.0.
I did nothing in server.
Should i do anything in LDAP..?
SIM user name and password is stored in LDAP. Its also running...
Does Oracle automatically lock an account if the number of user login attempts exceeds the maximum?
View 3 Replies View Relatedi have created a database on my pc and i have given a password at the time of installation , after the installation it is accessed successfully by the given password , but i observed that when i gave anything in password then it is also accessed by it and i don't have any other database of this same name.
And when i access it through another system then it is accessed only by its original password not by any other password.
how to see password of users in 11g
View 11 Replies View RelatedI'm working for a credit card company and on a security project. We have oracle databases. Currently the passwords have to be changed every so often for key accounts for security purposes. Any tool to automate the process?
Any way to automate password changes on many accounts where only some people would be able to get the new password once it was changed.
Also, these IDs/passwords are sometimes used by applications to connect to the database so .ini files or some type of connection file would need to be changed automatically also.
When reviewing failed login attempts with this query:
SELECT username, os_username, userhost, terminal, to_char(timestamp,'dd-mon-rrrr hh:mi:ss')
FROM sys.dba_audit_session
WHERE returncode != 0
and trunc(timestamp) >= trunc(sysdate-1)
ORDER BY 5
I find some records for a username that does not exist. In any of my databases. I presume that if an attempt to a nonexistent user was made, it would be rejected before it gets to the db. But then again, a bad password would also be rejected.
i am using a oracle server. And all my users password has been expired, is there any way to recover those users without failing my data.
View 19 Replies View RelatedI have following problem I have simple script in bash where I connect to db and launch simple select.
username:$(value)@host...
Problem is that i want to hide the password or encrypt. currently as you can see Iam using variable (value) where the password is keep. the problem is that, mentioned script is launched by many people which are using the same user (monitor). the variable is read from a file where user (monitor ) has access its in the same directory.
is there any way how to solve it ?
for e.g.
1. to put the file with password in another folder where the user (monitor) has no access to see the file.
2. to decrypt the password, but I have no clue how to do it .
We have a requirement that the password of users never expire. But the user is notified when the password has not been changed for a long time. For example: If the user has not changed his password in 100days, he is to be notified that the password is old and he should consider changing it.
Is this possible directly through the password policy configurations? Or will it have to be handled using a separate procedure?
While searching for password encryption I came across these statements.
1.Password Encryption While Connecting. This protection is always in force, by default. Passwords are always automatically and transparently encrypted during network (client/server and server/server) connections, using a modified DES (Data Encryption Standard) or 3DES algorithm, before sending them across the network.
Confirm whether by default oracle encrypts the password before sending it to the database across the network even when the clear text password is used for connecting from a jdbc client.
Is it possible to track the password changes made by some user using the logminer with the archived logs?
View 1 Replies View RelatedI have a database in which a user xxxx is assigned a password 'bbbbb'.I want to change the password to the one which was used before which was 'aaaaa'.But when I change the password it was saying "Password cannot be Reused".So I checked in user profile and found out that password_reuse_time=unlimited and password_reuse_max=5.
So what I did was change the password 6 times to something else(Since it is 5) and then tried changing it to 'aaaaa' but still it is saying "Old password cannot be reused".