SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Can it be possible SQL Login creation with an empty password


Can it be possible SQL Login creation with an empty password

Author
Message
mohan.bndr
mohan.bndr
Ten Centuries
Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)

Group: General Forum Members
Points: 1218 Visits: 481
Hi

I would like to know that, Is that possible to create SQL Login with blank password in SQL Server...

Please advise !!!
HanShi
HanShi
SSCoach
SSCoach (18K reputation)SSCoach (18K reputation)SSCoach (18K reputation)SSCoach (18K reputation)SSCoach (18K reputation)SSCoach (18K reputation)SSCoach (18K reputation)SSCoach (18K reputation)

Group: General Forum Members
Points: 18560 Visits: 3790
Yes, it's possible. But is is a real security risk and never -ever- recommended. Are you really sure you can not define a password?

This is how you do it:
1.) In the GUI don't enter a password and clear the checkbox "enforce password policy".
or
2.) With T-SQL:
CREATE LOGIN [login_name] WITH PASSWORD=N'', DEFAULT_DATABASE=[database_name], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF



** Don't mistake the ‘stupidity of the crowd’ for the ‘wisdom of the group’! **
mohan.bndr
mohan.bndr
Ten Centuries
Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)

Group: General Forum Members
Points: 1218 Visits: 481
Thanks all you guys for responding,but I believe in the older version of SQL Server (200 and below) can only possible.... am i correct ? and for SQL 2005 onwards this has been changed and will not allow to have blank password. Please correct me if any information on this...


Great Persons ...Good Involvement
Sean Lange
Sean Lange
SSC Guru
SSC Guru (148K reputation)SSC Guru (148K reputation)SSC Guru (148K reputation)SSC Guru (148K reputation)SSC Guru (148K reputation)SSC Guru (148K reputation)SSC Guru (148K reputation)SSC Guru (148K reputation)

Group: General Forum Members
Points: 148529 Visits: 18575
mohan.bndr (7/24/2013)
Thanks all you guys for responding,but I believe in the older version of SQL Server (200 and below) can only possible.... am i correct ? and for SQL 2005 onwards this has been changed and will not allow to have blank password. Please correct me if any information on this...


Great Persons ...Good Involvement


Did you try it? The code posted will generate a login with a blank password.

_______________________________________________________________

Need help? Help us help you.

Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.

Need to split a string? Try Jeff Modens splitter.

Cross Tabs and Pivots, Part 1 – Converting Rows to Columns
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs
Understanding and Using APPLY (Part 1)
Understanding and Using APPLY (Part 2)
Eric M Russell
Eric M Russell
SSC Guru
SSC Guru (62K reputation)SSC Guru (62K reputation)SSC Guru (62K reputation)SSC Guru (62K reputation)SSC Guru (62K reputation)SSC Guru (62K reputation)SSC Guru (62K reputation)SSC Guru (62K reputation)

Group: General Forum Members
Points: 62498 Visits: 12784
mohan.bndr (7/24/2013)
Thanks all you guys for responding,but I believe in the older version of SQL Server (200 and below) can only possible.... am i correct ? and for SQL 2005 onwards this has been changed and will not allow to have blank password. Please correct me if any information on this...

Yes, it is technically possible to have a SQL Server account with blank password, I saw this the other day on a SQL Server 2008 R2 instance. Perhaps it was an artifact left over from a 2000 -> 2005/2008 migration, but it was there.

For identifying weak SQL Server accounts, I use the following:

-- There are several frequently used password lists posted on the web. 
-- Here are a few, but perhaps 100 or more could be inserted here.
declare @pw table (pwtext varchar(180) not null primary key);
insert into @pw (pwtext)
values ('password'), ('123456'), ('12345678'), ('1234'), ('qwerty'), ('12345');
select name, type_desc, create_date, modify_date, password_hash
from sys.sql_logins l
join @pw pw on pwdcompare(pw.pwtext, l.password_hash) = 1;

-- Query accounts with empty password:
select name, type_desc, create_date, modify_date, password_hash
from sys.sql_logins
where pwdcompare('', password_hash) = 1;

-- Query accounts where password = account name:
select name, type_desc, create_date, modify_date, password_hash
from sys.sql_logins
where pwdcompare(name, password_hash) = 1;




"The universe is complicated and for the most part beyond your control, but your life is only as complicated as you choose it to be."
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum








































































































































































SQLServerCentral


Search