Database Administrators, Security Professionals and Control Auditors must be familiar with the fact that even if server is located in a fortress, and whether software are patched to the most current level, database will be vulnerable until default password settings are not changed. Oracle default password for databases are a critical concern for IT security professionals. It is essential to identify the default passwords for the proper implementation of security and control measures in an organization. Oracle default password refers to the user accounts by default embedded in databases at the time of creating database or during the life of database. Hacker's enumerate a network to identify default database password on the database server. These default passwords provide a backdoor for hackers to get into the system and violate security, privacy and control principles.
Oracle itself has hundreds of default application password and database password available in the market with default installation. Most database administrators overlook Oracle default password and become easy victims of intrusion. Oracle default password tester includes built-in Oracle default passwords like SYS, SYSTEM, DBSNMP and OUTLN as well as third party development or maintenance tools such as TOAD or PL/SQL Developer. At the time of database installation and configuration, it is essential for database administrator to identify default databases enabled on the system and change their username password combinations to implement strong access control measures.