dba_users.Password contains hashed passwords. How can the old password be verified before changing the password? I have a rough idea about two methods:
(1) Find what hash algorithm and seed value Oracle is using, then take the hash and match the hashes. This turns out to be very hard as Oracle's hash algorithm and seed are not publicly known.
(2) EXECUTE IMMEDIATE 'CONNECT ' || p_UserName || '/' || p_OldPassword. What issues does this approach have? How do I close the connection after this is executed, or is it automatically closed once the statement or procedure exits? Can the same user be logged in simultaneously multiple times under any scenario?
The ALTER USER command has a REPLACE keyword that lets you specify the old password.
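
A sketch of the REPLACE approach from the answer above, added here as an example and not part of the original thread. The procedure name change_own_password and the error numbers -20001/-20002 are hypothetical. Oracle's ALTER USER documentation states that the old password given in REPLACE is checked only when a user changes their own password, so the procedure runs with invoker's rights and targets the session user.

```sql
-- Added example: change the calling user's own password, letting Oracle
-- verify the old one through the REPLACE clause. No hash comparison and
-- no second connection are needed.
CREATE OR REPLACE PROCEDURE change_own_password (
    p_old_password IN VARCHAR2,
    p_new_password IN VARCHAR2
)
AUTHID CURRENT_USER  -- invoker's rights: the DDL runs as the calling user
AS
    l_user VARCHAR2(130);

    -- Passwords are concatenated into DDL (they cannot be bound), so wrap
    -- them in double quotes and reject any value that could close the quote.
    FUNCTION quoted (p_value IN VARCHAR2) RETURN VARCHAR2 IS
    BEGIN
        IF p_value IS NULL OR INSTR(p_value, '"') > 0 THEN
            RAISE_APPLICATION_ERROR(-20001,
                'Password must be non-empty and must not contain a double quote');
        END IF;
        RETURN '"' || p_value || '"';
    END quoted;
BEGIN
    -- ENQUOTE_NAME with capitalize => FALSE keeps the dictionary spelling
    -- of the user name and rejects embedded double quotes.
    l_user := DBMS_ASSERT.ENQUOTE_NAME(
                  SYS_CONTEXT('USERENV', 'SESSION_USER'), FALSE);

    -- ALTER USER is DDL: it commits the current transaction implicitly.
    EXECUTE IMMEDIATE
        'ALTER USER ' || l_user ||
        ' IDENTIFIED BY ' || quoted(p_new_password) ||
        ' REPLACE ' || quoted(p_old_password);
EXCEPTION
    WHEN OTHERS THEN
        IF SQLCODE = -28008 THEN  -- ORA-28008: invalid old password
            RAISE_APPLICATION_ERROR(-20002, 'Old password is incorrect');
        END IF;
        RAISE;
END change_own_password;
/
```

A definer's-rights wrapper owned by an account with the ALTER USER privilege would change another user's password without checking the REPLACE value, which is why this sketch is limited to the caller's own account.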