Skip to Main Content

Breadcrumb

Question and Answer

Connor McDonald

Thanks for the question, Sukdeep.

Asked: May 02, 2018 - 1:59 pm UTC

Last updated: May 07, 2018 - 4:49 am UTC

Version: 11.2.04

Viewed 1000+ times

You Asked

Hello,

Application user dont want to put the clear text password in the script which in turn connecting to database using this authentication.

Is there any way to avoid clear text password and to use encrypted password for login .


Regards,

Sukdeep D S

and Chris said...

The users are right not to want to have plaintext passwords in scripts!

Luckily there's a solution: the Oracle Wallet.

You can use this to store credentials. So you don't need them in your scripts.

Tim Hall has a worked example at:

https://oracle-base.com/articles/10g/secure-external-password-store-10gr2

Rating

  (3 ratings)

Is this answer out of date? If it is, please let us know via a Comment

Comments

usermgmt

sukdeep, May 03, 2018 - 8:43 am UTC

user is trying to enter password manually in a tool like toad which he want enter some encrypted password and not clear text everytime

Chris Saxon
May 03, 2018 - 10:20 am UTC

I'm confused. What exactly is the user doing and what is in clear text?

sukdeep, May 03, 2018 - 11:08 am UTC

user is using a tool called cyberark to connect remotely to the databses . Here all databse info like connecting string , password , port are stored in a file on local system which is used for connectivity . file will be a clear text file so user want to encrypt this passwotrd present in file
Connor McDonald
May 07, 2018 - 4:49 am UTC

Use an Oracle wallet (or any other solution that encrypts the password).


To sukdeep

J. Laurindo Chiappa, May 04, 2018 - 4:03 pm UTC

Hi, sukdeep : see, the 3 main (Oracle-provided) solutions for database external password management are : Wallets, LDAP (with OID or with another Directory solution) and OS authentication... If this 'cyberark' thing does not accept any of them AND need user and password stored in clear text files, IN MY OPINION you MUST demand a solution from them, OR adopt some third-part/non-Oracle solution under their directions ...

Regards,

J. Laurindo Chiappa
more

Connor and Chris don't just spend all day on AskTOM. You can also catch regular content via Connor's blog and Chris's blog. Or if video is more your thing, check out Connor's latest video and Chris's latest video from their Youtube channels. And of course, keep up to date with AskTOM via the official twitter account.

More to Explore

Security

All of the vital components for a secure database are covered in the Security guide.