When connecting to SQL*Plus, username and password may be displayed in the list of active processes:
For example, if you connect:
$ sqlplus user/password@sid then a list of processes will show username and password $ ps -ef | grep sql jdoe 5652 4963 0 10:11 pts/0 00:00:00 sqlplus user/password@sid jdoe 5667 5632 0 10:13 pts/1 00:00:00 grep sql
 | How to protect user credentials when connecting to the database interactively or through a shell script? |
$ sqlplus /nolog @connect.sql -- and store user credentials in the connect.sql file
(b) If you need the user to enter his or hers credentials, you can use:
#!/bin/bash
echo "Enter username : "
read login
echo "Enter password: "
read -s password
sid=${ORACLE_SID}
sqlplus -s /nolog << EOF
connect ${login}/${password}@${sid}
... your sql code here...
quit
EOF
(c) alternatively, you can read the password from a protected file:
-- Create password file and change file permissions so that no one besides the owner has access
$ cat passowd > mypwdfile
$ chmod 700 mypwdfile
-- Create the script..
#!/bin/bash
user= user_name
pass=`cat mypwdfile`
sqlplus -s ${user}/${pass} << EOF
... perform sqlplus statements
EOF
