How to change a user password in Oracle 11.2.0.4 by values
In later Oracle Database versions, you cannot change a user’s password with the
“ALTER USER IDENTIFIED BY VALUES”
clause, if there exists an old 10g hash value in the data dictionary.
If you provide an 11h hash value, this syntax will succeed, but users cannot log in and get
“ORA-01017: invalid username/password; logon denied”
when trying.
You can also provide the 10g hash to the “BY VALUES” clause, but in this case, the 11g password won’t work.
If you provide one hash value like 11g, the existing one, like 10g, is deleted in the database.
But, it is possible to provide both hashes at the same time by concatenizing them with the “;” character:
“password_clause := ‘ identified by values ||p_HASH10g||’;’||p_PASSWORD_HASH|| ‘;”
See MOS note: Doc ID 1051962.101 also.