Showing posts with label password. Show all posts
Showing posts with label password. Show all posts

Sunday, March 18, 2012

XS$NULL

Oracle introduced a new user in version 11 called XS$NULL. It is for Oracle’s internal use only and you should leave it alone. For this reason it is locked and expired when it is created:
 
SQL> select account_status from dba_users
  2  where username = 'XS$NULL';
 
ACCOUNT_STATUS
--------------------------------
EXPIRED & LOCKED
 
SQL>
 
You are advised not to alter this account in any way, even if an auditor asks you to. Oracle does not let you change its password:
 
SQL> conn / as sysdba
Connected.
SQL> alter user xs$null identified by new_pwd
  2  /
alter user xs$null identified by new_pwd
                                 *
ERROR at line 1:
ORA-01031: insufficient privileges
 
SQL>
 
Although you can do so with the password command:
 
SQL> select password from sys.user$
  2  where name = 'XS$NULL';
 
PASSWORD
------------------------------
DC4FCC8CB69A6733
 
SQL> password xs$null
Changing password for xs$null
New password:
Retype new password:
Password changed
SQL> select password from sys.user$
  2  where name = 'XS$NULL';
 
PASSWORD
------------------------------
C17AE3B0A14EA63F
 
SQL>
 
This is because of bug 12822989 and you must not do this.
Posted by at No comments:
Labels: , , , , , , , ,
Location: West Sussex, UK

Wednesday, September 14, 2011

ORA-00972: identifier is too long

Tested on an Oracle 9 database. The maximum length of a password is 30 characters. If you try and set one longer than that, Oracle returns an ORA-00972:
 
SQL> CREATE USER A IDENTIFIED BY
  2  ABCDEFGHIJKLMNOPQRSTUVWXYZ1234
  3  /
 
User created.
 
SQL> ALTER USER A IDENTIFIED BY
  2  ABCDEFGHIJKLMNOPQRSTUVWXYZ12345
  3  /
ABCDEFGHIJKLMNOPQRSTUVWXYZ12345
*
ERROR at line 2:
ORA-00972: identifier is too long
 
SQL> CREATE USER B IDENTIFIED BY
  2  ABCDEFGHIJKLMNOPQRSTUVWXYZ12345
  3  /
ABCDEFGHIJKLMNOPQRSTUVWXYZ12345
*
ERROR at line 2:
ORA-00972: identifier is too long
 
SQL>
Posted by at No comments:
Labels: , , , , , , ,
Location: West Sussex, UK

Friday, January 21, 2011

SQL*Plus PASSWORD Command

Most of you will know how to use the ALTER USER command to change your password:

SQL> conn system/manager1@test10
Connected.
SQL> alter user system identified by manager2;
User altered.
SQL> conn system/manager2@test10
Connected.
SQL>

But SQL*Plus also has a PASSWORD command which allows you to do the same thing. In the example below, the user tries it out. Oracle asks for the old password then asks for the new password twice. Neither the old nor the new password are displayed on the screen:

SQL> password
Changing password for SYSTEM
Old password: ********
New password: ********
Retype new password: ********
Password changed
SQL> conn system/manager3@test10
Connected.
SQL>

An administrator can use the PASSWORD command to change another user's password. In this case, Oracle does not ask for the old password. The example below is from Oracle 11g release 2:

SQL> conn / as sysdba
Connected.
SQL> show user
USER is "SYS"
SQL> password andrew
Changing password for andrew
New password:
Retype new password:
Password changed
SQL>
Posted by at No comments:
Labels: , , , , ,
Location: West Sussex, UK
Subscribe to: Posts (Atom)