Tuesday, August 20, 2013

Retaining User's password

Quite a few times application owners request to keep the passwords same after refreshes.
Also in 11g it is observed in the view dba_users password column is blank. There is another view called "SYS.USER$", where in you can find the password column which is populated with a alpha-numeric value. This column is handy as the values (if stored) can be used to reset the password.


Let's take a shot at this.
Example:
I have a user called Scott & its password as "abc123"







Let us first query the dba_users view to see what the password column is






On querying the SYS.USER$ view, we get that piece of information which can be later used to reset it to the same password.



Lets expire the password so that user changes & we see how a new alpha-numeric value is generated, indicating password has been changed.


At this stage scott has a new password & we are in similiar situation to after a refresh where the application user(scott in this case) wishes to have it reset to same password. Like above if we had noted down the string we can use it as below to set it as previous password.




Hopefully with a little bit of planning & know-how this blog can help get back the previous password.



Sunday, August 11, 2013