Changing Passwords On Database Serversby Curtis Smith
This document describes how to change your password on the two ECN maintained database servers, "Oracle" and "MySQL".
Both database servers record passwords independently from your ECN and ITaP account passwords. When changing your password via the passwd command, or through thepassword changing web page, you'll need to update your database account password(s) as an additional step.
In order to maintain good security on the data stored in either database server, it is important to periodically change passwords. A good time to change passwords is at the time when you're changing your regular account's password.
Note: It's okay to skip this document. ECN provides access to Oracle or MySQL on request, not by default, so you may not have an account on either database server. If you're unsure, check with your ECN site specialist.
Changing Your Password
Both "Oracle" and "MySQL" have SQL commands to change the account's password, so the first step in each database will be to bring up a command processor. A brief example will be shown on how to start command processors.
In either system, be sure to select a new password that is at least eight (8) characters in length, and try using a symbol character (non-alphanumeric character) somewhere in the password to make it harder to guess.
Changing Password on Oracle
To change your password on Oracle, use the following command:
Enter your old password, plus your new password twice. If everything goes okay, the Oracle database server will respond with:
Keep in mind the following things about creating a new password for Oracle:
- Oracle uses a case-independent password, so it doesn't matter if the password is typed using upper-case or lower-case characters,
- Oracle uses "/" and "@" as special characters - do not use those characters in your new password,
- If the password has a symbol or begins with a number, then the password will need to be typed-in with double-quote characters ("),
- The maximum length of the new password is thirty (30) characters.
Below is an example session. The user "henry" will log on to Oracle and change their password to "2secure4hacking":
atom% source /usr/opt/bin/oracle_setup.csh atom% sqlplus henry@ecn2 SQL*Plus: Release 10.2.0.3.0 - Production on Tue Jan 15 09:29:22 2008 Copyright (c) 1982, 2006, Oracle. All Rights Reserved. Enter password: secret Connected to: Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 - 64bit Production With the Partitioning, OLAP and Data Mining options SQL> password Changing password for HENRY Old password: secret New password: 2secure4hacking Retype new password: 2secure4hacking Password changed SQL> quit Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 - 64bit Production With the Partitioning, OLAP and Data Mining options atom%
Note: The first line "source /usr/opt/bin/oracle_setup.csh" is for C-shell users. If you're using Borne-shell (/bin/sh), K-Shell (/bin/ksh), or Bash (/bin/bash), then use:
Changing Password on MySQL
To change your password on MySQL, use the following SQL command syntax:
Where new-password is the new password you wish to use. If everything goes okay, the database server will respond with:
Query OK, 0 rows affected (0.00 sec)
Be sure to enter the syntax with the password() function call. If you were to change your password with the command:
set password='new-password'; (wrong!)
then you will lock yourself from accessing the database!! If this happens, contact your ECN site specialist to unlock your database account.
Keep in mind the following things about creating a new password for MySQL:
- MySQL uses a case-dependent password, so it does matter if the password has upper-case or lower-case characters,
- To enter a password with a single-quote ("'") character, use two single-quotes (ie. '''' produces a single single-quote),
- The maximum length of the new password is seventy-eight (78) characters, but it's highly dependent on the host operating system's ability to prompt for a password. Solaris, Linux and FreeBSD are most likely okay to use up to 78 characters. Otherwise, limit the password to eight (8) characters.
Below is an example session. The user "carol" will log on to MySQL's "labdata" database and change their password to "QU8SAR_r_cool":
bridge% mysql -hmysql -Dlabdata -ucarol -p Enter password: secret Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 929646 Server version: 5.0.45-log Source distribution Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> set password=password('QU8SAR_r_cool'); Query OK, 0 rows affected (0.00 sec) mysql> quit Bye bridge%
Last modified: 2008/07/21 13:12:18.142000 GMT-4 by
Created: 2007/10/30 13:40:19.677000 GMT-4 by brian.r.brinegar.1.
Type in a few keywords describing what information you are looking for in the text box below.