You're reading from Oracle Database 12c Security Cookbook Secure your Oracle Database 12c with this valuable Oracle support resource, featuring more than 100 solutions to the challenges of protecting your data

Product type Paperback

Published in Jun 2016

Publisher Packt

ISBN-13 9781782172123

Length 388 pages

Edition 1st Edition

Tools

Oracle Enterprise Manager

Concepts

Database Administration

Authors (3):

Zoran Pavlovic

Maja Veselica

Maja Veselica & Zoran Pavlovic

View More author details

Table of Contents (13) Chapters

Preface

1. Basic Database Security FREE CHAPTER

2. Security Considerations in Multitenant Environment

3. PL/SQL Security

4. Virtual Private Database

5. Data Redaction

6. Transparent Sensitive Data Protection

7. Privilege Analysis

8. Transparent Data Encryption

9. Database Vault

10. Unified Auditing

11. Additional Topics

12. Appendix – Application Contexts

Changing a user's password

Changing a user's password is easy. You will practice it by changing passwords for several users in this recipe.

Getting ready

To complete this recipe, you'll need an existing user who has alter user privilege (you may use OS-authenticated user who has the DBA role) and other existing users (for example, jessica and tom).

How to do it...

Connect to the database as a user who has alter user privilege:
```
       $ sqlplus /
```
Change the password for user jessica:
```
       SQL> password jessica;
```
Enter a new password (for example, oracle_2) on a command line (note that typing will not be visible in the command line):
```
       New password:
```
Retype the new password (for example, oracle_2) on the command line (note that typing will not be visible in the command line):
```
       Retype new password:
```
Connect to the database as any user (for example, tom, to change their own password):
```
       $ sqlplus tom/"Qax7UnP!123*"
```
Change the password using the following code:
```
       SQL> password
```
Enter the old password (for example, Qax7UnP!123*) on the command line (note that typing will not be visible on the command line):
```
       Old password:
```
Enter the new password (for example, oracle_123) on the command line (note that typing will not be visible on the command line):
```
       New password:
```
Retype the new password (for example, oracle_123) on the command line (note that typing will not be visible on the command line):
```
       Retype new password:
```

How it works...

In step 1, you used OS authentication to connect to the database.

In steps 2 through 4, a privileged user changed jessica's password, where in steps 6 through 9, the user tom changed his own password.

There's more...

There is another way to change the user's password using the alter user statement as follows:

SQL> alter user jessica identified by oracle_2;

Tip

This approach is not recommended because password remains in the command-line history.