Today I return to work after a few days of vacation. I am currently installing a couple of new engines and creating their corresponding databases and I would like to remember that we should not leave the keys by default, for this we have the view DBA_USERS_WITH_DEFPWD, which tells us that users have the default pass. This is for Oracle’s own users. For the rest of users there are other ways to verify it although we should have key policies, such as a minimum number of alphanumeric, capital letters, etc. Aside from having the keys expire from time to time is a good idea.
Here I leave an example of a newly created database and in which only the pass for the user SYS and SYSTEM has been changed.
MODB> column product format a50 MODB> column username format a25 MODB> select * from dba_users_with_defpwd USERNAME PRODUCT _________________________ __________________________________________________ DIP ø GSMADMIN_INTERNAL ø ORACLE_OCM ø APPQOSSYS ø MDDATA ø GSMCATUSER ø SPATIAL_WFS_ADMIN_USR ø SYSDG ø WMSYS ø SYSKM ø SI_INFORMTN_SCHEMA ø SYSMAN ø TSMSYS ø OUTLN ø ORDPLUGINS ø OLAPSYS ø ORDSYS ø MDSYS ø SYSBACKUP ø GSMUSER ø SPATIAL_CSW_ADMIN_USR ø OJVMSYS ø ORDDATA ø 23 rows selected.
HTH – Antonio NAVARRO