My Oracle Support Banner

How to Capture the Username of the Altered User (Doc ID 199455.1)

Last updated on OCTOBER 10, 2022

Applies to:

Oracle Database Cloud Service - Version N/A and later
Oracle Database - Enterprise Edition - Version to [Release 9.2 to 11.2]
Oracle Database Cloud Schema Service - Version N/A and later
Gen 1 Exadata Cloud at Customer (Oracle Exadata Database Cloud Machine) - Version N/A and later
Oracle Cloud Infrastructure - Database Service - Version N/A and later
Information in this document applies to any platform.


This article explains how to audit/capture what user passwords are altered in the database.


A user with the "ALTER USER" privilege can alter other users passwords. Oracle provides Client events through which these operations can be traced. You can use "AFTER ALTER" or "BEFORE ALTER" Client Event to capture the details pertaining to the altered user.

The trigger will fire only for the normal users. It will not fire when the monitored action is executed by a SYSDBA user or by a user being granted the ADMINISTER DATABASE TRIGGER privilege

The following example will collect:

1) The user that executed the "ALTER USER" statement
2) The name of the user whose password was altered.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.