I would like to consider the changing of my sys & system accounts to help thwart off hackers.
I have utilized the list of known username/password combinations available at Finnigan.com to eliminate the "easy guess".
Why give them half the information they need anyway!!
I cannot recall encountering this at any of the sites I have worked at.
I am either innovative or a damn fool.
Wouldn't the new account with equal elevated privileges be considered a "backdoor" into the DB, and therefore a larger liability than having the default username(s) in place?
Would I encounter issues in the periodic admin requirements like on/offlining resources? Tablespaces etc? Starting stopping?
Pros - cons - pitfalls?
Thanks for your reply!
Locking the system and sys accounts is viable; I do this on all the databases I manage. You can still / as sysdba when logged into the host and applying patches etc. What do you mean by changing? You're not suggesting creating a new user that will own all the objects that sys currently owns are you?
Actually I was considering another user with dba privileges, but with the SYSTEM account apparently not required to be in an unlocked/enabled state, and the connect / as sysdba working for me I wouldn't need the additional account.
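The approach discussed in this thread (lock SYS and SYSTEM, keep administering through an OS-authenticated "/ as sysdba" session) can be applied and checked with the SQL*Plus script below. It is an added example, not code from any of the posters, and it assumes Oracle 11g or later, since DBA_USERS_WITH_DEFPWD does not exist in earlier releases.

```sql
-- Added example. Run on the database host in SQL*Plus:  sqlplus / as sysdba
-- Assumption: Oracle 11g or later (needed for DBA_USERS_WITH_DEFPWD).

-- 1. Lock the two well-known administrative accounts.
ALTER USER system ACCOUNT LOCK;
ALTER USER sys ACCOUNT LOCK;

-- 2. Confirm the lock took effect.
SELECT username, account_status, lock_date
FROM   dba_users
WHERE  username IN ('SYS', 'SYSTEM');

-- 3. List every other account holding the DBA role. Each row is an
--    alternative privileged login of the kind the original question
--    worries about, so every one should be known and justified.
SELECT grantee, admin_option
FROM   dba_role_privs
WHERE  granted_role = 'DBA'
AND    grantee NOT IN ('SYS', 'SYSTEM')
ORDER  BY grantee;

-- 4. List accounts in the password file that can connect remotely
--    AS SYSDBA or AS SYSOPER.
SELECT username, sysdba, sysoper
FROM   v$pwfile_users;

-- 5. List accounts still using a known default password, with their
--    current status, so any that remain OPEN can be changed or locked.
SELECT d.username, u.account_status
FROM   dba_users_with_defpwd d
JOIN   dba_users u ON u.username = d.username
ORDER  BY d.username;
```

Run steps 2 to 5 again after patching or upgrades to confirm the accounts are still locked and no new DBA grants have appeared.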