H2 database password recovery
https://stackoverflow.com/questions/13150705
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
We have thousands of users using H2 database, and sometimes, somehow, someone forgets the password.
Is there a way of recovering, at least, the SA user password?
Of course, i tell them that no one would be happy that this would be possible if the database was stolen...
Anyway, i need to be sure, for all the affected users sake.
Thanks.
Solution
No, it is not possible to recover the password of any user, because passwords are not stored in the database file. Instead, the password, together with a random salt, is hashed, and only the hash and the salt are stored. The random salt protects against rainbow attacks. By the way, in the server mode, the password is not transmitted - only the hash is transmitted. See the documentation for details.
However, if the database is not encrypted, the data can be extracted from a database file.
