locked
SQL Server login RRS feed

  • Question

  • I have a asp.net application in which the login is configured with sql server.  I tried to enforce password policy and password expiration within sql server for that login.  When I made those changes, the user tried to login in the website and the login failed.  I do not know the current sql authentication password.  Can I just change the sql authentication password in sql server management studio for that login or will it not allow the users to log back in if changed?

    Thanks

    Thursday, June 14, 2012 8:50 PM

Answers

  • If you change the password for account, that account will have to use the new password to be able to log in. The old will not work.

    It is not clear to me whether you have a password embeded into the web application, or whethers users provide their personal login and password. In the first case you will need to change the connection string or configuration file where you have the password to contain the new password. And in the latter case, yes, users will need to provide the new password. And you need to tell them what the password is.


    Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se
    • Marked as answer by Maggie Luo Sunday, June 24, 2012 2:41 PM
    Friday, June 15, 2012 9:31 PM

All replies

  • ALTER LOGIN yourlogin WITH PASSWORD = 'nevvStrR0n6P@swörD'

    To change the password

    ALTER LOGIN yourlogin ENABLE

    In case the login is disabled.


    Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se
    Thursday, June 14, 2012 8:58 PM
  • Erland,

    Thanks for your response.  My question was if I changed the password, will it cause the login to fail for the website?  Will users have to initially use the new password to log into the website?

    Thanks

    Friday, June 15, 2012 12:27 PM
  • If you change the password for account, that account will have to use the new password to be able to log in. The old will not work.

    It is not clear to me whether you have a password embeded into the web application, or whethers users provide their personal login and password. In the first case you will need to change the connection string or configuration file where you have the password to contain the new password. And in the latter case, yes, users will need to provide the new password. And you need to tell them what the password is.


    Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se
    • Marked as answer by Maggie Luo Sunday, June 24, 2012 2:41 PM
    Friday, June 15, 2012 9:31 PM
  • Hi with your information below points are clear

    1) You are using the SQL serve authentication.

    2) You have set the Password Poclicy and Password expiration

    3) And may you have opted for "user must change for next login" in which case you should have given the user the ability to change the password from ASP.

    in this case the users will not be allowed to login either you change the password from SQL server and you have to provide the users the new password you have set.

    Jai


    Jai Please click "Propose As Answer" if a post solves your problem or "Vote As Helpful" if a post has been useful to you

    Monday, June 18, 2012 7:11 AM