How to Capture the Username of the Altered User
(Doc ID 199455.1)
Last updated on FEBRUARY 01, 2022
Applies to:Oracle Database Cloud Service - Version N/A and later
Oracle Database - Enterprise Edition - Version 184.108.40.206 to 220.127.116.11 [Release 9.2 to 11.2]
Oracle Database Cloud Schema Service - Version N/A and later
Gen 1 Exadata Cloud at Customer (Oracle Exadata Database Cloud Machine) - Version N/A and later
Oracle Cloud Infrastructure - Database Service - Version N/A and later
Information in this document applies to any platform.
This article explains how to audit/capture what user passwords are altered in the database.
A user with the "ALTER USER" privilege can alter other users passwords. Oracle provides Client events through which these operations can be traced. You can use "AFTER ALTER" or "BEFORE ALTER" Client Event to capture the details pertaining to the altered user.
The trigger will fire only for the normal users. It will not fire when the monitored action is executed by a SYSDBA user or by a user being granted the ADMINISTER DATABASE TRIGGER privilege
The following example will collect:
1) The user that executed the "ALTER USER" statement
2) The name of the user whose password was altered.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!