My new job have environment about Client/Server by Oracle10gR2 working with Delphi Application.
I found developer fixed schmea user/password on program code for connect to DB.
So, Now password of Production Schema is same with Development Schema
and Developer can access to Production environment.
How to solve this situaltion?, I think maybe ever have best pratice for this.
I think about keep password on other location and Application get to use for connect DB.
Howerver, This way developer can coding for print out password to see it.
Or maybe DBA must change fix password in Programmer coding before migrate to production (It's no good). To do that, DBA can change password of Production and Developerment to differrence.
Now we protect this by trigger to fix about protect Developer connect DB by Tools (by osuser, machine and program filed in v$session). I know this can leak by change osuser, change exec name of Tools.
Previouse job use Oracle DB with E-Business suite. It's no this problem cause of It's have interface to manage connection between App & DB.