User Passwords Case Sensitivity in Oracle Application R12

User Passwords Case Sensitivity in Oracle Application R12

User Passwords Case Sensitivity in Oracle Applications in previous releases of Oracle Applications, user passwords were treated as case insensitive.

Now, Oracle Applications R12 user passwords can optionally be treated as case sensitive, depending on the Profile Option defined.

Case-sensitivity in user passwords are controlled by the Site Level Profile option "Signon Password Case"

This profile has two possible settings:

1. Sensitive:

Passwords are stored and compared as they are, with the password case preserved. During comparison, if the entered password does not match the decrypted version, then an error message is displayed. With Release 12, this option is the default behavior. All newly created or changed passwords are treated as case sensitive.

Note: Users who have not changed their passwords since the installation of release 12 are not affected until they do change their passwords. A password expiration utility is available if the System Administrator requires that all users convert to case sensitive passwords upon the next login.

2. Insensitive:

Passwords are treated as case insensitive. In Insensitive mode, passwords are stored and compared in uppercase, similar to that in earlier releases. The entered password and the decrypted password are converted to uppercase prior to comparison.

If you want to preserve case insensitivity in passwords, i.e. retain the behavior from previous releases, ensure that Signon Password Case value is either set to 'Insensitive', or not set at all.