User Request to Change The Password Of CCB Account by Himself (Doc ID 2307015.1)

Last updated on SEPTEMBER 18, 2017

Applies to:

Oracle Utilities Customer Care and Billing - Version 2.5.0.2.0 and later
Information in this document applies to any platform.

Goal

1.  While using the CCB 2.5.0.2.0 in the current Product design,  the passwords for the users need to be changed by the administrator . Since all the passwords for all the users are known to the administrator, he can login to any user account and perform any of the activities on that specific name which can't be identified.  
 
Another vulnerability is that the passwords are shared through the emails to the users.

It is expected for the password to be changed by the administrator but to be a temporary password . When the user logs in with the temporary password he will be prompted for the temporary password and new password for his account.
The final password can be provided in this case only by the user as per the password policy [like 8 character +numeric character].

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms