Skip to Main Content
Forums

Oracle Database Discussions

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Password in clear text format

647600Sep 3 2010 — edited Sep 4 2010
Dear DBAs,

A new free software found on internet and used to take a memory dump to a text file.

While this software is running and when we use any software, like sqlplusw, sqldeveloper, or any application, to connect to the database, this software (after taking a memory dump) is able to detect the password and show it in a clear text; in addition, the same appears in case you are trying to login to hotmail (for example).

Note that when using the sqlplus (DOS-command line) the password will not be detected.

Do anyone have an idea about how to avoid such weakness ?

Regards
Elie
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Oct 2 2010
Added on Sep 3 2010
#general-database-discussions
26 comments
3,066 views