!!! Overview
[{$pagename}] in [Databases]

!! [Oracle] [case-insensitive] [passwords]
[Oracle] [case-insensitive] [passwords] were used prior to 11g. 

!! [Oracle] [case-insensitive] [passwords]
The [case-insensitive] [hash] is actually __NOT__ a hash but an [encrypted] [username]/[password] combination, which becomes a one-way [hash] by encrypting the result of the first run (after removing some [bytes]) again.

[Oracle] [case-insensitive] passwords are [encrypted] using a [proprietary Protocol] [Data Encryption Standard] ([DES]). 

The [Oracle] [case-insensitive] [password] were used following 11g release 1 and are a 10-[byte] [salt] [SHA-1] [hash] of only the [password].

As of 11g Release 1 the database uses [case-sensitive] passwords as a standard. It is possible however to disable this new functionality by changing an initialization parameter.

!! [Password] Value Access
[Password] values are accessible using either:
* 10g Release 2 (and previous versions) get 10g password hashes: SELECT username, [password] FROM dba_users WHERE username='<username>';
* 11g Release 1 (and later versions) get both 10g and 11g password hashes: SELECT name, [password], spare4 FROM sys.user$ WHERE name='<username>';
Appears the [password] is the older [hash] and the newer is the spare4.

TAGS: %%category [passwords] [Oracle]%%

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]