2 Replies Latest reply: Nov 23, 2012 6:17 AM by 732018 RSS

    Login using SALT (10g) or SHA-1 (11g)

    732018
      I got the 10g version of password and the 11g version of the password but i what to used either one of them how can i incorporate it to my application?

      Password: Pev02s1s

      SALT : 686C1224549B11D2

      SHA-1 : S:8A9B277211E9593C4542EA8EA651430EC1E1F2FB570D7C3DD748015B72E4
        • 1. Re: Login using SALT (10g) or SHA-1 (11g)
          Harm Joris ten Napel-Oracle
          Hi ellenore,

          please indicate what is your intention using these verifiers in your application.

          The values you have shown are the internally stored hash values (aka identifiers) used for database authentication,
          what you call SALT is the 10G identifier from USER$.PASSWORD and the new 11G hash value is the sha-1 from
          the user$.spare4. Actually the sha-1 hash is salted and the 10g verifier is only 'salted' with the username, as it
          is a hash based on the USERNAME||PASSWORD .

          Please refer to note 429465.1 11g R1 New Feature : Case Sensitive Passwords and Strong User Authentication

          Greetings,

          Harm ten Napel

          Edited by: hnapel on Nov 23, 2012 3:43 AM
          • 2. Re: Login using SALT (10g) or SHA-1 (11g)
            732018
            I want to login to SQLPlus and other apps that is using a oracle database but i want the password to private among DBA admin but apps can login to different schema without putting the password.