How to Resolve ORA-01017: invalid username/password; logon denied

  • by

ORA-01017

ORA-01017 means that you either provided an incorrect username or password, so the database that you tried to connect denied you to logon.

SQL> conn hr/hr@orcl
ERROR:
ORA-01017: invalid username/password; logon denied

For other specific scenarios that throw ORA-01017 can be found in these posts:

For solving ORA-01017, you should inspect the following items carefully.

1. Connect Identifier

Sometimes, your credentials are correct, you just went for the wrong destination. So please check the connect identifier, and you can make some tests if necessary.

C:\Users\edchen>tnsping orcl
...
Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = db.example.com)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = ORCL)))
OK (0 msec)

2. Password

Case-Sensitive

Most password problem are case-sensitive problem. By default, SEC_CASE_SENSITIVE_LOGON initialization parameter is set as TRUE which means that everything involves password are all case-sensitive, even though you didn't quote the password.

SQL> conn hr/hr@orcl
Connected.
SQL> alter user hr identified by HR;

User altered.

SQL> conn hr/hr@orcl
ERROR:
ORA-01017: invalid username/password; logon denied

As you can see, IDENTIFIED BY clause treats password as a case-sensitive string with or without quotation marks. That is, you have to use it case-sensitively.

SQL> conn hr/HR@ora19cdb
Connected.

Special Character

If your password contains any special character, you have to double-quote it.

SQL> alter user hr identified by "iam@home";

User altered.

SQL> conn hr/"iam@home"@ora19cdb
Connected.

Other Considerations

Beside case-sensitive and special character problems, you can try the following things.

  1. Check whether CAPS LOCK is enabled or not, this could ruin every password you typed.
  2. Type the password in a text editor to make sure it's right.
  3. Change the password if there's no other way to solve it.
  4. Set SEC_CASE_SENSITIVE_LOGON to FALSE if the problem is becoming global.

3. Username

Normally, you don't have to care about case-sensitive problem on username, because username creation follows Oracle object naming rule that I have explained about the differences between quoted and non-quoted identifiers pretty much.

Leave a Reply

Your email address will not be published. Required fields are marked *