Setting a password for listener is the least security you should maintain for it. By default, it doesn't have any password and many DBAs simply do not create one. Part of the reason is the perceived complexity in specifying and using a password. This lesson hopefully will repel that myth.
If a password is set for the listener, you will need to supply a correct password for any command other than START, STATUS and HELP. When the listener is first created, there is no password. The password is set by the command from LSNRCTL prompt:
This will prompt for the old and new passwords; and when entered, they are not displayed on the screen. When the listener is initially created, the password is not set, or null. So, just press the return key when prompted for the old password.
Once the passwords are changed, you have to supply the password before doing any administrative work such as changing a parameter or stopping the listener. The password is set by the command SET PASSWORD <password>. For instance, to stop the listener, you would use the following commands in LSNRCTL utility, assuming the password is t0p53r3t:
LSNRCTL> set password
The password has to be specified on the prompt as follows:
LSNRCTL> set password
The other method of setting the password is through the parameter file. In the file listener.ora, place the following line:
passwords_listener = g3#@657
To specify passwords for other listeners, use the name appended to the word passwords above, for example
passwords_listener1 = g3#@657
sets the password for listener1. This method of setting the password has to be passed in one line such as:
LSNRCTL> set password g3#@657
The other method of getting a prompt and entering the non-displayed password will not work.
However, when the password is changed in the case when the password is explicitly mentioned in the parameter file, the operation will never be successful.
LSNRCTL> set password manager1
Regardless of how you enter the password, through a single line or on the prompt, the change will not be successful. To change the password, you have to remove the line passwords_listener in the file listener.ora and then change the password.
The other option in specifying the password of the listener is to record the password encrypted in the parameter file. This is done by recording the configuration changes automatically in the parameter file as described below:
LSNRCTL> set save_config_on_stop on