By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
If you give sys / as sysdba it will connect to the database directly, so how can we give security to our database? By creating the password file, but after creating the password file it also will connect to the database using the above. How can we secure that one?
The only way you can connect to the database without a password (connect / as sysdba) is to be a member of the 'dba' group in Unix/Linux or the ORA_DBA group in Windows. So make sure users are not part of these groups. If someone other than the DBA needs DBA access to the database, then use the password file to grant them the appropriate access.