Oracle Database 12c Logo

Secure External Password Store

The Oracle secure external password store (SEPS) enhances application security by eliminating the need to store clear-text database account passwords in scripts or other tools that access the database without user interaction, for example batch processes that run over night.

Introduced with Oracle Database 10g Release 2, SEPS has become increasingly popular as a means of increasing the security of existing applications. The primary benefit of SEPS is hiding the password from the operating system process list. Prior to SEPS being introduced it was possible to simply do a process listing on the operating system level to search for passwords used by CRON jobs and other batch processes associated with application processing.

The following example shows a connection to the database from the operating system command line using Oracle SQL*Plus. The user name, password, and connection alias are specified.

sqlplus username/my_password@alias


Using SEPS, the user name and password can be removed from the statement:

sqlplus /@alias


An additional benefit of SEPS comes in the form of password rotation. Using SEPS, changes to hard coded connection strings can be eliminated since the password is stored centrally and updated only once in the SEPS.

For more details, including the command-line proxy feature, see the technical white paper.


Oracle has a very active research organization (Oracle Labs) that is charged to 'Identify, explore, and transfer new technologies that have the potential to substantially improve Oracle's business'. One part of the organization is the External Research Office (ERO). The ERO is charged to ' ... invest in research collaborations that fit Oracle's long-term strategic goals. These collaborations are between university researchers and engineers/researchers throughout Oracle's various organizations'. The ERO webpage lists numerous current and past collaborations. Oracle provides funds and direct interactions with highly experienced developers.

If you are interested in the ERO program please contact Steve Jeffreys at

If you would like to explore opportunities for a research collaboration with the database team please contact Dieter Gawlick at

or Garret Swart at
Oracle Database Cloud