Changing Passwords On Database Servers

by Curtis Smith

This document describes how to change your password on the two ECN maintained database servers, "Oracle" and "MySQL".

Both database servers record passwords independently from your ECN and ITaP account passwords. When changing your password via the passwd command, or through thepassword changing web page, you'll need to update your database account password(s) as an additional step.

In order to maintain good security on the data stored in either database server, it is important to periodically change passwords. A good time to change passwords is at the time when you're changing your regular account's password.

Note: It's okay to skip this document. ECN provides access to Oracle or MySQL on request, not by default, so you may not have an account on either database server. If you're unsure, check with your ECN site specialist.

Changing Your Password

Both "Oracle" and "MySQL" have SQL commands to change the account's password, so the first step in each database will be to bring up a command processor. A brief example will be shown on how to start command processors.

In either system, be sure to select a new password that is at least eight (8) characters in length, and try using a symbol character (non-alphanumeric character) somewhere in the password to make it harder to guess.

Changing Password on Oracle

To change your password on Oracle, use the following command:

password

Enter your old password, plus your new password twice. If everything goes okay, the Oracle database server will respond with:

Password changed

Keep in mind the following things about creating a new password for Oracle:

  • Oracle uses a case-independent password, so it doesn't matter if the password is typed using upper-case or lower-case characters,
  • Oracle uses "/" and "@" as special characters - do not use those characters in your new password,
  • If the password has a symbol or begins with a number, then the password will need to be typed-in with double-quote characters ("),
  • The maximum length of the new password is thirty (30) characters.

Below is an example session. The user "henry" will log on to Oracle and change their password to "2secure4hacking":

atom% source /usr/opt/bin/oracle_setup.csh
atom% sqlplus henry@ecn2

SQL*Plus: Release 10.2.0.3.0 - Production on Tue Jan 15 09:29:22 2008

Copyright (c) 1982, 2006, Oracle.  All Rights Reserved.

Enter password: secret

Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 - 64bit
Production With the Partitioning, OLAP and Data Mining options

SQL> password
Changing password for HENRY
Old password: secret
New password: 2secure4hacking
Retype new password: 2secure4hacking
Password changed
SQL> quit
Disconnected from Oracle Database 10g Enterprise Edition Release
10.2.0.3.0 - 64bit Production
With the Partitioning, OLAP and Data Mining options
atom% 

Note: The first line "source /usr/opt/bin/oracle_setup.csh" is for C-shell users. If you're using Borne-shell (/bin/sh), K-Shell (/bin/ksh), or Bash (/bin/bash), then use:

. /usr/opt/bin/oracle_setup.sh

instead.

Changing Password on MySQL

To change your password on MySQL, use the following SQL command syntax:

set password=password('new-password');

Where new-password is the new password you wish to use. If everything goes okay, the database server will respond with:

Query OK, 0 rows affected (0.00 sec)

Be sure to enter the syntax with the password() function call. If you were to change your password with the command:

set password='new-password'; (wrong!)

then you will lock yourself from accessing the database!! If this happens, contact your ECN site specialist to unlock your database account.

Keep in mind the following things about creating a new password for MySQL:

  • MySQL uses a case-dependent password, so it does matter if the password has upper-case or lower-case characters,
  • To enter a password with a single-quote ("'") character, use two single-quotes (ie. '''' produces a single single-quote),
  • The maximum length of the new password is seventy-eight (78) characters, but it's highly dependent on the host operating system's ability to prompt for a password. Solaris, Linux and FreeBSD are most likely okay to use up to 78 characters. Otherwise, limit the password to eight (8) characters.

Below is an example session. The user "carol" will log on to MySQL's "labdata" database and change their password to "QU8SAR_r_cool":

bridge% mysql -hmysql -Dlabdata -ucarol -p
Enter password: secret
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 929646
Server version: 5.0.45-log Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> set password=password('QU8SAR_r_cool');
Query OK, 0 rows affected (0.00 sec)
mysql> quit
Bye
bridge%

Last modified: 2008/07/21 13:12:18.142000 GMT-4 by curtis.f.smith.1
Created: 2007/10/30 13:40:19.677000 GMT-4 by brian.r.brinegar.1.

Categories

Search

Type in a few keywords describing what information you are looking for in the text box below.

Admin Options: Edit this Document