We are exploring alternatives to using passwords for authenticating the servers, scripts and SQLLDR. Database is on Oracle 10g Enterprise Edition. The application code and scripts all use common accounts/schemas. With current authentication, Scripts and sqlldr uses TNS names. All programs that run non-java SQL scripts or use SQLLDR pass along the passwords to the SQLPLUS or SQLLDR; Java code uses direct JDBC connections. Password is in the JDBC connectionstring. Should password change, application server configuration takes care of updating password in all Java connections. Our goal is to remove the password from any configuration file or code that is easily accessible to developers We'd like something that can be configured on the server (Oracle server or an independent authentication server like Kerberos/LDAP). Any suggestion is appreciated.