Protecting Your Database

The clauses of the CREATE DATABASE statement used for specifying the passwords for users SYS and SYSTEM are:
  • ·       USER SYS IDENTIFIED BY password
  •       USER SYSTEM IDENTIFIED BY password

If you omit these clauses, these users are assigned the default passwords change_on_install and manager, respectively. A record is written to the alert log indicating that the default passwords were used. To protect your database, you must change these passwords using the ALTER USER statement immediately after database creation.

Oracle strongly recommends that you specify these clauses, even though they are optional in this release of Oracle Database. The default passwords are commonly known, and if you neglect to change them later, you leave database vulnerable to attack by malicious users.

People who read this post also read :


Post a Comment


Twitter Delicious Facebook Digg Stumbleupon Favorites More