| Lesson 4 | Placing and naming the password file |
| Objective | Determine the proper location and name for a password file. |
Placing and Naming Password File in Oracle 23c
In Oracle Database 23c, the "password file" (also called the Oracle Wallet Password File[1]) is used for "authenticating administrative users" such as `SYSDBA`, `SYSOPER`, etc., outside of the database, especially when the database is down or in `MOUNT` state.
Here's how to determine the location and name of the password file in Oracle 23c:
✅ 1. Check the `REMOTE_LOGIN_PASSWORDFILE` Initialization Parameter
Run the following SQL to check if Oracle uses a password file and what mode it's in:
Typical values:
If Oracle is using a password file, the default location and name follow this pattern:
Example:
On Windows:
Example:
Here's how to determine the location and name of the password file in Oracle 23c:
✅ 1. Check the `REMOTE_LOGIN_PASSWORDFILE` Initialization Parameter
Run the following SQL to check if Oracle uses a password file and what mode it's in:
SHOW PARAMETER REMOTE_LOGIN_PASSWORDFILE;
Typical values:
- EXCLUSIVE – allows multiple users in the password file (recommended).
- SHARED – deprecated.
- NONE – disables the use of password files.
If Oracle is using a password file, the default location and name follow this pattern:
- Location:
For Oracle 23c with the default Oracle Home and ORACLE_SID, the password file is located in the
$ORACLE_HOME/dbsdirectory (Linux/UNIX) or%ORACLE_HOME%\database(Windows). - File name:
- On Linux/UNIX:
orapw<SID>
- On Linux/UNIX:
Example:
$ORACLE_HOME/dbs/orapwORCL
On Windows:
PWD<SID>.ora
Example:
%ORACLE_HOME%\database\PWDORCL.ora
✅ 3. Check with `orapwd` or Querying V\$ Views
You can verify if the password file is being used and its location:
If this returns rows, it confirms a password file is in use and lists authorized users.
✅ 4. Wallet-based Authentication in 23c
Oracle 23c encourages using Oracle Wallets for secure authentication. In this case:
The wallet path is configured using the `SQLNET.ORA` file with parameters like:
If you are using "Auto-login Wallets" (`cwallet.sso`), it replaces some traditional password file use cases.
✅ Summary Table
✅ Tip: Create or Recreate the Password File
Use the `orapwd` utility to create:
> `format=12` is compatible with Oracle 21c/23c.
The proper name and location for a password file is specific to the operating system. There are some slight differences between Windows and Unix, and there may be differences for other operating systems as well.
If this returns rows, it confirms a password file is in use and lists authorized users.
✅ 4. Wallet-based Authentication in 23c
Oracle 23c encourages using Oracle Wallets for secure authentication. In this case:
The wallet path is configured using the `SQLNET.ORA` file with parameters like:
WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = /u01/app/oracle/admin/ORCL/wallet)) )
If you are using "Auto-login Wallets" (`cwallet.sso`), it replaces some traditional password file use cases.
✅ Summary Table
| Platform | Default Path | Default Filename |
|---|---|---|
| Linux | $ORACLE_HOME/dbs | orapw<SID> |
| Windows | %ORACLE_HOME%\database | PWD<SID>.ora |
| Wallet | Set in SQLNET.ORA | ewallet.p12, cwallet.sso |
✅ Tip: Create or Recreate the Password File
Use the `orapwd` utility to create:
orapwd file=$ORACLE_HOME/dbs/orapwORCL password=YourPassword entries=10 format=12
> `format=12` is compatible with Oracle 21c/23c.
The proper name and location for a password file is specific to the operating system. There are some slight differences between Windows and Unix, and there may be differences for other operating systems as well.
Password File Naming
Here is the rewritten version of the provided text, fully updated for **Oracle 23c**, with no reference to legacy text:
In Oracle 23c, password file naming conventions are consistent and predictable across supported platforms. The password file should be named using the following pattern:
Oracle 23c searches for the password file in standard directories based on the operating system and the Oracle Home. The default locations are:
Oracle uses these locations unless an alternate path is configured. During database startup, if a password file is not found where expected, Oracle will display an error message specifying the exact file name and directory it attempted to access. This message is helpful for correcting any mistakes in file name or placement.
Fixing Mistakes
If the file name or location is incorrect, simply create a new password file with the correct parameters using the `orapwd` utility. Oracle 23c supports the following syntax:
This allows administrators to quickly recover from misconfigurations without restarting the entire installation process.
Determining the Correct Setup
To determine the proper name and location for your password file:
This setup will enable secure authentication for administrative users such as `SYSDBA`, even when the database is not fully started. You will use this information later to generate the password file during system configuration or recovery procedures.
In Oracle 23c, password file naming conventions are consistent and predictable across supported platforms. The password file should be named using the following pattern:
- Linux/Unix:
orapw<SID>
- Windows:
PWD<SID>.ora
orapwCOINon Linux/UnixPWDCOIN.oraon Windows
Oracle 23c searches for the password file in standard directories based on the operating system and the Oracle Home. The default locations are:
- Linux/Unix:
$ORACLE_HOME/dbs - Windows:
%ORACLE_HOME%\database
Oracle uses these locations unless an alternate path is configured. During database startup, if a password file is not found where expected, Oracle will display an error message specifying the exact file name and directory it attempted to access. This message is helpful for correcting any mistakes in file name or placement.
Fixing Mistakes
If the file name or location is incorrect, simply create a new password file with the correct parameters using the `orapwd` utility. Oracle 23c supports the following syntax:
orapwd file=$ORACLE_HOME/dbs/orapwCOIN password=YourPassword entries=10 format=12
This allows administrators to quickly recover from misconfigurations without restarting the entire installation process.
Determining the Correct Setup
To determine the proper name and location for your password file:
- Identify your
ORACLE_SID. - Confirm your
ORACLE_HOMEdirectory. - Use the appropriate naming convention for your operating system.
- Place the password file in the correct directory.
This setup will enable secure authentication for administrative users such as `SYSDBA`, even when the database is not fully started. You will use this information later to generate the password file during system configuration or recovery procedures.
[1]Oracle Wallet Password File: In Oracle 23c, the Oracle Wallet Password File (cwallet.sso) is a securely encrypted file that stores credentials like passwords, private keys, and certificates, enabling clients and the database to authenticate without requiring manual password entry. It is crucial for features such as Transparent Data Encryption (TDE), enabling the database to automatically access encryption keys upon startup.