My Oracle Support Banner

OID: How To Change The Storage Of All Passwords And Password Verifiers Hash Formats To SHA? (Doc ID 1534243.1)

Last updated on DECEMBER 04, 2020

Applies to:

Oracle Internet Directory - Version 11.1.1 and later
Information in this document applies to any platform.

Goal

Oracle Internet Directory (OID) 11g, 12c or higher.

During a security pen test, the following password formats were observed in OID directory:

X-ORCLDBPWD - Legacy Oracle database password format.
„X-ORCLNTV - Windows NTLM.
„X-ORCLLMV - Windows LanMan.
„MD5, SASL/MD5, X-ORCLWEBDAV, X-ORCLCIFSMD5 - MD5
„SSHA - SHA-1

The pen test recommendation is that only the SHA method should be used to store passwords.

How to set all password and verifiers hashes to also be SSHA512?
 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.