This discussion is archived
2 Replies Latest reply: Nov 23, 2012 4:17 AM by 732018 RSS

Login using SALT (10g) or SHA-1 (11g)

732018 Newbie
Currently Being Moderated
I got the 10g version of password and the 11g version of the password but i what to used either one of them how can i incorporate it to my application?

Password: Pev02s1s

SALT : 686C1224549B11D2

SHA-1 : S:8A9B277211E9593C4542EA8EA651430EC1E1F2FB570D7C3DD748015B72E4
  • 1. Re: Login using SALT (10g) or SHA-1 (11g)
    Harm Joris ten Napel Pro
    Currently Being Moderated
    Hi ellenore,

    please indicate what is your intention using these verifiers in your application.

    The values you have shown are the internally stored hash values (aka identifiers) used for database authentication,
    what you call SALT is the 10G identifier from USER$.PASSWORD and the new 11G hash value is the sha-1 from
    the user$.spare4. Actually the sha-1 hash is salted and the 10g verifier is only 'salted' with the username, as it
    is a hash based on the USERNAME||PASSWORD .

    Please refer to note 429465.1 11g R1 New Feature : Case Sensitive Passwords and Strong User Authentication


    Harm ten Napel

    Edited by: hnapel on Nov 23, 2012 3:43 AM
  • 2. Re: Login using SALT (10g) or SHA-1 (11g)
    732018 Newbie
    Currently Being Moderated
    I want to login to SQLPlus and other apps that is using a oracle database but i want the password to private among DBA admin but apps can login to different schema without putting the password.


  • Correct Answers - 10 points
  • Helpful Answers - 5 points