See the following link on how Oracle creates and stores password hashes, with examples for using 'identified by value' with multiple hash types for 10g, 11g, and 12c passwords:Īnd this advice for making sure passwords are as secure as possible given the setting of SQLNET.ALLOWED_LOGON_VERSION or SQLNET. SQLNET.ALLOWED_LOGON_VERSION_SERVER=12a will Method 1: Using SQLPlus password command If you connected as sys and trying to reset the password for other user it will not ask for old password.Generate both 11G and 12C password versions, and also remove the 10G SQLNET.ALLOWED_LOGON_VERSION_SERVER=12 will STEP 1: First, we extract the encrypted password: select 'alter user ''username'' identified by values '''extract (xmltype (dbmsmetadata.getxml ('USER',username)),'//USERT/PASSWORD/text ()').SQLNET.ALLOWED_LOGON_VERSION_SERVER=11 will keep generating 10G, 11G.In Oracle 12 and up, the setting of SQLNET.ALLOWED_LOGON_VERSION has the following effects: SQLNET.ALLOWED_LOGON_VERSION = 11 will allow only 11G passwords.SQLNET.ALLOWED_LOGON_VERSION = 10 will allow both 10G and 11G passwords.In Oracle 11g, the setting of SQLNET.ALLOWED_LOGON_VERSION has the following effects: It should always/only be set to match the minimum supported client version in your architecture. This should NOT be set to 10 unless you actually support 10g clients. This will change the types of clients that the database can support, as specific client versions will require specific password hash values. The only way to set PASSWORD_VERSIONS is by changing the SQLNET.ALLOWED_LOGON_VERSION parameter (11g) SQLNET.ALLOWED_LOGON_VERSION_SERVER (12c and up) parameter in the server's sqlnet.ora file and restarting the server. What version of the client are you using? If the only hash you provided in the alter user command was the 10G version, then you may not have re-created the proper hashes for higher version clients.
0 kommentar(er)
