Q
Problem solve Get help with specific problems with your technologies, process and projects.

Securing username and password

Can you tell me an easy way to secure managing username and password for an application in the Windows platform? We use them to connect to the Oracle server and I don't want to put them in the code. Also I want to trace the changes made by users on the database tables by date and time and who... can you help with that?
The best way to secure a password is to not use a password at all. You may want to investigate the possibility of allowing your application to login to the database using operating system authentication if it is a 3-tier application. If you have a 2-tier application, then you can use database user accounts as the login for each user. While this isn't a popular choice, I don't know why more people continue to bypass the security in the database product that you've already purchased.

As for DML changes to database tables, that's what the auditing subsystem is meant to record. If you're looking for tracking changes to the schema (like ALTER), then you can use a system event trigger on the ALTER statements in the database to create your own audit trail of those changes (and even prevent them if you'd like).

Dig Deeper on Oracle database security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchDataManagement

SearchBusinessAnalytics

SearchSAP

SearchSQLServer

TheServerSide.com

SearchDataCenter

SearchContentManagement

SearchHRSoftware

Close