1. Platform Guide
  2. Administering a Database on Windows
  3. Creating and Populating Password Files

Creating and Populating Password Files

Use Password Utility to create password files. Password Utility is automatically installed with Oracle Database utilities.

Password files are located in the directory ORACLE_HOME\database and are named PWDsid.ora, where SID identifies the Oracle Database instance. Password files can be used for local or remote connections to Oracle Database.

To create and populate a password file:

  1. Create a password file with Password Utility:
    C:\> orapwd FILE=PWDsid.ora ENTRIES=max_users

    • FILE specifies the password file name.

    • SID identifies the database instance.

    • ENTRIES sets the maximum number of entries in the password file. This corresponds to maximum number of distinct users allowed to connect to the database simultaneously with either the SYSDBA or the SYSOPER DBA privilege.

  2. Set the initialization parameter file parameter REMOTE_LOGIN_PASSWORDFILE to exclusive, shared, or none.

    The value exclusive specifies that only one instance can use the password file and that the password file contains names other than SYS. In search of the password file, Oracle Database looks in the registry for the value of the parameter ORA_SID_PWFILE. If no value is specified, then Oracle Database looks in the registry for the value of the parameter ORA_PWFILE, which points to a file containing user names, passwords, and privileges. If that is not set, then Oracle Database uses the default: 

    ORACLE_HOME\DATABASE\PWDsid.ORA.

    The default value is shared. It specifies that multiple instances (for example, an Oracle RAC environment) can use the password file. However, the only user recognized by the password file is SYS. Other users cannot log in with SYSOPER or SYSDBA privileges even if those privileges are granted in the password file. The shared value of this parameter affords backward compatibility with earlier Oracle releases. Oracle Database looks for the same files as it does when the value is exclusive.

    The value none specifies that Oracle Database ignores the password file and that authentication of privileged users is handled by the Windows operating system.

  3. Start SQL*Plus:
    C:\> sqlplus /NOLOG
  4. Connect AS SYSDBA:
    SQL> CONNECT / AS SYSDBA

    For an Oracle ASM instance, connect AS SYSASM: 

    SQL> CONNECT / AS SYSASM
  5. Start Oracle Database:
    SQL> STARTUP
  6. Grant appropriate privileges to each user. Users who must perform database administration, for example, are granted the SYSDBA privilege:
    SQL> GRANT SYSDBA TO db_administrator;

    For an Oracle ASM instance:

    SQL> GRANT SYSASM TO SYS;

    If the grant is successful, then the following message is displayed:

    Statement Processed.

    This adds smith to the password file and enables smith to connect to the database with SYSDBA privileges. Use SQL*Plus to add or delete user names, user passwords, and user privileges in password files.

    Note:

    Copying or manually moving password files might result in ORADIM being unable to find a password to start an instance.

Parent topic: Administering a Database on Windows

Viewing and Hiding the Password File

Use this procedure to make the password file visible or invisible from different locations.

The password file is not automatically hidden. It can be made invisible and visible again from two different locations:

  • Using Command Prompt

  • Using Windows Explorer

    Note:

    The password file must be visible before it can be moved, copied, or deleted.

Using Command Prompt

  1. To see the password file, enter:

    ORACLE_HOME\database> attrib

    The password file is displayed as PWDsid.ora: 

    A       ORACLE_HOME\database\oradba.exe
A       ORACLE_HOME\database\oradim.log
A       ORACLE_HOME\database\PWDsid.ora
A       ORACLE_HOME\database\SPFILEsid.ora

  2. To make the password file invisible, enter:

    ORACLE_HOME\database> attrib +H PWDsid.ora

  3. To see the effect of the change, enter:

    ORACLE_HOME\database> attrib

    The password file is now hidden:

    A       ORACLE_HOME\database\oradba.exe
A       ORACLE_HOME\database\oradim.log
A   H   ORACLE_HOME\database\PWDsid.ora
A       ORACLE_HOME\database\SPFILEsid.ora

  4. To make the password file visible again, enter:

    ORACLE_HOME\database> attrib -H PWDsid.ora

Using Windows Explorer

To make the password file invisible or visible again:

  1. Go to the directory ORACLE_HOME\database.

  2. Right-click PWDsid.ora.

  3. Select Properties.

    The PWDsid.ora Properties dialog box opens.

  4. In Attributes, check or clear the check box next to Hidden.

  5. Click OK.

To view or hide an invisible password file:

  1. Go to the directory ORACLE_HOME\database.
  2. Select Folder Options from the Tools main menu.
  3. In the Folder Options window, select the View tab.
  4. To view an invisible password file, select Show hidden files and folders.
  5. To hide a visible password file, select Do not show hidden files and folders.
  6. Click OK.

Parent topic: Creating and Populating Password Files