Results 1 to 3 of 3

Thread: Simple question

  1. #1
    Join Date
    Dec 2003

    Unanswered: Simple question

    How does a user change their password through SQLPlus, without having the ALTER USER system privilege?


  2. #2
    Join Date
    Dec 2003
    Oklahoma, USA
    The ALTER USER privilege is not granted to a user so he can alter his own information; granting this priv actually allows the modification of other users.

    For instance, any user granted ALTER USER system privilege can now change another person's password...

    For a user to change his own password, simply have them type in PASSWORD at the SQL> prompt.


  3. #3
    Join Date
    Sep 2003
    Virginia, USA

    you don't need to GRANT ALTER USER for that to work

    Any user can issue the command ALTER USER myOwnName IDENTIFIED BY myNewPassword; You don't need to GRANT ALTER USER for that to work. You only need to GRANT ALTER USER if you want that user to be able to change other user accounts.

    The ALTER USER command fails sometimes if the user is changing their password and their user account is linked to a profile with a password verification function. (The specifics were detailed on Oracle MetaLink in 2002 under my name.) If this occurs in your system, you may be forced to use the SQL*PLUS password command and stop using tools like OEM Secuity Manager since they use ALTER USER commands. The drawback is SQL*Plus PASSWORD command is unique to SQL*Plus - you cannot call it from within a stored procedure since stored procedures run in server memory and not in a client tool like SQL*Plus.
    Author, Oracle Database 10g: From Nuts to Soup

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts