Saturday, June 17, 2006

SQL SA Password Tips

The sa account is created during the installation process and the sa account has full rights in the SQL Server environment. By default, the sa password is blank (NULL), unless you change the password when you run the MSDE Setup program. To conform with the best security practices, you must change the sa password to a strong password at the first opportunity.

Verify if the SA password is blank

1. On the computer that is hosting the instance of MSDE to which you are connecting, open a command prompt window.

2. At the command prompt, type the following command, and then press ENTER:

  osql -U sa
 

This connects you to the local, default instance of MSDE by using the sa account. To connect to a named instance installed on your computer type:

  osql -U sa -S servername\instancename
 

You are now at the following prompt:

  Password: 

3. Press ENTER again. This will pass a NULL (blank) password for sa.

If you are now at the following prompt, after you press ENTER, then you do not have a password for the sa account:

  1>

We recommend that you create a non-NULL, strong password to conform with security practices.

However, if you receive the following error message, you have entered an incorrect password. This error message indicates that a password has been created for the sa account:


"Login Failed for user 'sa'."

The following error message indicates that the computer that is running SQL Server is set to Windows Authentication only:

Login failed for user 'sa'. Reason: Not associated with a trusted SQL Server connection.

You cannot verify your sa password while in Windows Authentication mode. However, you can create a sa password so that your sa account is secure in case your authentication mode is changed to Mixed Mode in the future.

If you receive the following error message, SQL Server may not be running or you may have provided an incorrect name for the named instance of SQL Server that is installed:

  [Shared Memory]SQL Server does not exist or access denied.
[Shared Memory]ConnectionOpen (Connect()).

Change your SA password

1. On the computer that is hosting the instance of MSDE to which you are connecting, open the command prompt window.

2. Type the following command, and then press ENTER:

  osql -U sa

At the Password: prompt, press ENTER if your password is blank or type the current password. This connects you to the local, default instance of MSDE by using the sa account. To connect by using Windows authentication, type this command:

  use osql -E

Note If you are using SQL Server 2005 Express, avoid using the Osql utility, and plan to modify applications that currently use the Osql feature. Use the Sqlcmd utility instead.

3. Type the following commands, on separate lines, and then press ENTER:


sp_password @old = null, @new = 'complexpwd', @loginame ='sa'
  go

Note Make sure that you replace "complexpwd" with the new strong password. A strong password includes alpha-numeric and special characters, and a combination of upper and lower case characters.

You will receive the following informational message, which indicates that your password was changed successfully:

  Password changed.


0 comments:

 
Copyright 2018 e2e Security. Powered by Blogger Blogger Templates create by Deluxe Templates. WP by Masterplan