Don't think the db name plays a role in this. But the username does. i.e. user1, user2 share the same password and the hash comes out different. but user1 from two different database share the same password and the hash comes out the same.
Richard Ji -----Original Message----- Sent: Tuesday, December 17, 2002 3:15 PM To: Multiple recipients of list ORACLE-L how does trying a password on your own private database help crack a password on a different database? I vaguely recall a conversation (I *think* it was with Kevin Loney) that part of the encryption key is the database name as well. --- Ari Kaplan <[EMAIL PROTECTED]> wrote: > This program allows you to attemp password "guesses" on a different > database. So, the program gets around the "x invalid tries and the > account > locks" by enabling the user to try passwords on their own private > database. > > That's what their documentation said, anyway. > > -Ari > -----Original Message----- > Carmichael > Sent: Tuesday, December 17, 2002 1:16 PM > To: Multiple recipients of list ORACLE-L > > > it's definitely a one-way encryption on the password, I forget where > I > read it but I do know that's true. > > I think that in addition to a strong password, if you lock an account > after x failed attempts then they'd have to be REALLY lucky to guess > it > on the first few tries. > > Rachel > --- John Kanagaraj <[EMAIL PROTECTED]> wrote: > > Jared, > > > > This seems to be a 'brute force' dictionary based attack, as I > > believe the > > Oracle password is a one-way trapdoor (just as UNIX). I don't think > > this > > will be able to crack a strong password created from say a > > combination of > > the first characters of an arbitrary sentence. > > > > John Kanagaraj > > Oracle Applications DBA > > DBSoft Inc > > (W): 408-970-7002 > > > > So WHO is the Reason for the Season?! Write me for details! > > > > ** The opinions and statements above are entirely my own and not > > those of my > > employer or clients ** > > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > > > Sent: Tuesday, December 17, 2002 9:09 AM > > > To: Multiple recipients of list ORACLE-L > > > Subject: RE: password > > > > > > > > > Hmm... > > > > > > Well maybe you *can* crack oracle passwords. > > > > > > I've just ordered the full version of this product. ( $4, I > don't > > > think I need to bother the purchasing department ). > > > > > > I'll let you know how it works. > > > > > > Jared > > > > > -- > > Please see the official ORACLE-L FAQ: http://www.orafaq.com > > -- > > Author: John Kanagaraj > > INET: [EMAIL PROTECTED] > > > > Fat City Network Services -- 858-538-5051 http://www.fatcity.com > > San Diego, California -- Mailing list and web hosting > services > > > --------------------------------------------------------------------- > > To REMOVE yourself from this mailing list, send an E-Mail message > > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > > the message BODY, include a line containing: UNSUB ORACLE-L > > (or the name of mailing list you want to be removed from). You may > > also send the HELP command for other information (like > subscribing). > > > > > __________________________________________________ > Do you Yahoo!? > Yahoo! Mail Plus - Powerful. Affordable. Sign up now. > http://mailplus.yahoo.com > -- > Please see the official ORACLE-L FAQ: http://www.orafaq.com > -- > Author: Rachel Carmichael > INET: [EMAIL PROTECTED] > > Fat City Network Services -- 858-538-5051 http://www.fatcity.com > San Diego, California -- Mailing list and web hosting services > --------------------------------------------------------------------- > To REMOVE yourself from this mailing list, send an E-Mail message > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > the message BODY, include a line containing: UNSUB ORACLE-L > (or the name of mailing list you want to be removed from). You may > also send the HELP command for other information (like subscribing). > > > -- > Please see the official ORACLE-L FAQ: http://www.orafaq.com > -- > Author: Ari Kaplan > INET: [EMAIL PROTECTED] > > Fat City Network Services -- 858-538-5051 http://www.fatcity.com > San Diego, California -- Mailing list and web hosting services > --------------------------------------------------------------------- > To REMOVE yourself from this mailing list, send an E-Mail message > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > the message BODY, include a line containing: UNSUB ORACLE-L > (or the name of mailing list you want to be removed from). You may > also send the HELP command for other information (like subscribing). > __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Rachel Carmichael INET: [EMAIL PROTECTED] Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Richard Ji INET: [EMAIL PROTECTED] Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
