The trouble with Oracle's password security
November 1, 2005[From SearchOracle.com]
By making their findings public, two researchers hope to pressure Oracle Corp. into fixing flaws in its password-hashing algorithm. The vulnerabilities could be exploited for brute force and dictionary attacks, and they said the database giant has known about it since July.
Until the security holes are fixed, they said there are steps IT administrators can take to protect their databases.
The article continues at http://searchoracle.techtarget.com/originalContent/0,289142,sid41_gci1138860,00.html