What makes using an Oracle Wallet to connect to a data source more secure than using a username and password to do the same

oracle

What makes using an Oracle Wallet to connect to a data source more secure than using a username and password to do the same? If someone knows the connection string for using an Oracle Wallet to connect to a data source, isn't this just as good as having the username and password? If not, why not?

Best Answer

Wallets can be configured to only be valid from a specific client, so access to the specific host is also required, whereas username/password text can be easily ported elsewhere with copy/paste.
Using wallets also allows most applications to be redeployed between environments (like dev and prod) without requiring reconfiguration or changes to credentials.
Placing the credentials in an external store allows password management policies to be more easily enforced without changing application code whenever user names or passwords change.

Best Answer

Related Solutions

Testing an Oracle DB connection before it is made – ERROR

How to start running queries in Oracle

Related Question