- Support for 11g Passwords
- APEX password cracking
- collection of passwords from the database
- ability to crack password hashes in the history
- Cracking role passwords
I downloaded the latest version to test it but was unable to get it to work on my system. Its unclear whether this is an issue with checkpwd or my system. A test shows that I can connect to my local 10gR2 database with SQL*Plus on the command line but when checkpwd tries to connect to the same database from the same directory it fails with an ORA-12154 error. If i then try to connect to a remote Oracle database (9iR2) then it fails with a ORA-12705 error instead. So i finally tried a non-database connection to try and crack SCOTT's password off line. This also fails. Interestingly a sqlnet.log file is created for the non-database connection mode and the sqlnet.log file shows that the password cracker is trying to connect to a database called ORCL.
Finally a second error seems to occur after the database connect error, an error "SymSetSymWithAddr64 could not be loacted in link lib DBGHELP.dll" is sent to an error dialog box.
This is a pity as I would like to have shown some tests here and tested the new features and be able to compare to woraauthbf and orabf. The feature list of checkpwd is good. Lets hope Alex gets it sorted out, I think the A12 is alpha so we can forgive some glitches.
The one thing I want to note is the license difference between checkpwd and the other two main tools. Checkpwd if used commercially should recognise RDS and the tool and a link to RDS in any customer reports, the other two tools have no such restrictions, woraauthbf is GPL2 and the source is available and although orabf does not include source there are no restrictions for commercial use.