Oracle 11g: Case sensitive password

With 11g Release 1, Oracle introduced case sensitive passwords for database accounts, based on SHA1 (Secure
Hash Algorithm).
This feature is controlled by the init.ora parameter SEC_CASE_SENSITIVE_LOGON.
By default this parameter is set to false; when it is set to TRUE, all new passwords are case sensitive.
All existing passwords, created before the change, remain case insensitive until they are changed.
Users imported from a 10g database have a PASSWORD_VERSIONS value of "10G" and keep case
insensitive passwords regardless of the SEC_CASE_SENSITIVE_LOGON parameter setting.
To enable or disable case sensitive passwords you must alter the init.ora parameter:
ALTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON=TRUE scope=spfile;
ALTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON=FALSE scope=spfile;
Example:
We can see the case sensitive password functionality in operation if we create a new user and attempt to
connect as that user with the password in both the correct and the incorrect case.
CONN / AS SYSDBA
ALTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON = TRUE;
CREATE USER etica IDENTIFIED BY Etica;
GRANT CONNECT TO etica;
SQL> CONN etica/Etica
Connected.
SQL> CONN etica/etica
ERROR:
ORA-01017: invalid username/password; logon denied
By switching the SEC_CASE_SENSITIVE_LOGON initialization parameter to FALSE we are able to connect
using both variations of the password.
CONN / AS SYSDBA
ALTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON = FALSE;
SQL> CONN etica/etica
Connected.
SQL> CONN etica/Etica
Connected.
SQL>
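Because accounts with a PASSWORD_VERSIONS value of "10G" stay case insensitive until their password is changed, it is worth auditing which accounts are in that state. The following is an added example, not part of the original post; it assumes a session that can read V$PARAMETER and DBA_USERS (for example SYSDBA), and the column aliases case_handling and fix_stmt are names chosen here.

```sql
-- Added example: find accounts whose passwords are still case insensitive.

-- 1. Current value of the parameter discussed above.
SELECT name, value
  FROM v$parameter
 WHERE name = 'sec_case_sensitive_logon';

-- 2. Classify every account by the verifiers it holds.
--    TRIM guards against trailing blanks in PASSWORD_VERSIONS.
SELECT username,
       account_status,
       password_versions,
       CASE
         WHEN password_versions IS NULL
           THEN 'no password verifier listed'
         WHEN password_versions LIKE '%11G%'
           THEN 'has 11G verifier: case sensitive when parameter is TRUE'
         WHEN TRIM(password_versions) = '10G'
           THEN '10G only: case insensitive until password is changed'
         ELSE 'other: review manually'
       END AS case_handling
  FROM dba_users
 ORDER BY password_versions NULLS LAST, username;

-- 3. Generate (do not execute) statements that force a password change
--    at next logon for open accounts that hold only the 10G verifier.
--    Review the output before running any of it.
SELECT 'ALTER USER "' || username || '" PASSWORD EXPIRE;' AS fix_stmt
  FROM dba_users
 WHERE TRIM(password_versions) = '10G'
   AND account_status = 'OPEN'
 ORDER BY username;
```

After the affected users have changed their passwords, rerun query 2 to confirm that no "10G only" accounts remain.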
