locked
SQL Server 2005 reserved SA password words RRS feed

  • Question

  • Hi,

    I have installed the SQL Server 2005 Express and gave it to the SA's password: "password".
    I know it is not right.
    My question is, how they could know the password can not be the words of SQL Server 2005?

    Regards,
    Mishpatim

    Monday, July 26, 2010 8:39 PM

Answers

  •  

    When SQL Server is running on Windows 2000, setting CHECK_POLICY = ON will prevent the creation of passwords that are:

    • Null or empty
    • Same as name of computer or login
    • Any of the following:
    1. password
    2. admin
    3. administrator
    4. sa
    5. sysadmin

    Example

    ALTER LOGIN sa WITH PASSWORD ='sa'


    Msg 15118, Level 16, State 1, Line 1

    Password validation failed. The password does not meet Windows policy requirements because it is not complex enough.

    Source: SQL Server 2008 Books online


    Sivaprasad S http://sivasql.blogspot.com Please click the Mark as Answer button if a post solves your problem!
    Tuesday, July 27, 2010 1:34 AM

All replies

  • I'm not sure I understand your question, but I'll try. When SQL Server receives a password for a SQL Server login, it hashes the password. This processes the password through an encryption algorythm. The result is compared to a list in SQL Server. If the hash is the same, the password must have been the same, so the connection is accepted. When you assign a password of "password" SQL Server hashes the password. If the result matches the know has of "password", then SQL Server knows you are using "password" as the password. I hope this helps.
    Rick Byham, Microsoft, SQL Server Books Online, Implies no warranty
    Monday, July 26, 2010 9:05 PM
  •  

    When SQL Server is running on Windows 2000, setting CHECK_POLICY = ON will prevent the creation of passwords that are:

    • Null or empty
    • Same as name of computer or login
    • Any of the following:
    1. password
    2. admin
    3. administrator
    4. sa
    5. sysadmin

    Example

    ALTER LOGIN sa WITH PASSWORD ='sa'


    Msg 15118, Level 16, State 1, Line 1

    Password validation failed. The password does not meet Windows policy requirements because it is not complex enough.

    Source: SQL Server 2008 Books online


    Sivaprasad S http://sivasql.blogspot.com Please click the Mark as Answer button if a post solves your problem!
    Tuesday, July 27, 2010 1:34 AM
  • Hi,

    I need this, thanks the answer.

    Tuesday, July 27, 2010 8:19 AM
  • Hi,

    sorry, i'm bad asking, SIVAPRASAD's response is good
    Tuesday, July 27, 2010 8:24 AM