During installation of my product I have some SQL scripts executed as the SYS user to make changes to an Oracle database. To execute the scripts, I need to get the password for the database from the user, who is queried for it in a dialog. The problem I run into is when authenticating the password as the SYS user, which necessitates AS SYSDBA, the password validation will always succeed because Windows authentication is enabled and the Windows user is part of the ora_dba group. So even if an incorrect password is entered, it will still work. I don't like this. I considered using SYSTEM to validate the password being entered, and then SYS to execute the scripts, but that won't work if SYSTEM and SYS have different passwords. Does anyone have a good solution for this? I can't alter the environment, and I know the Windows authentication will be enabled and the scripts must be executed as SYS, but I want the password validation to actually work and reject incorrect passwords. Thanks.