Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Passwords - case sensitive in Login using SQL Server Authentication


Passwords - case sensitive in Login using SQL Server Authentication

Author
Message
Decommissioned_Account_02
Decommissioned_Account_02
SSC Veteran
SSC Veteran (243 reputation)SSC Veteran (243 reputation)SSC Veteran (243 reputation)SSC Veteran (243 reputation)SSC Veteran (243 reputation)SSC Veteran (243 reputation)SSC Veteran (243 reputation)SSC Veteran (243 reputation)

Group: General Forum Members
Points: 243 Visits: 768
Hi,

In SQL Server 2005, Logins using SQL Server Authentication are case sensitive (even if you remove the “Enforce password policy” option in the login prosperity).

Is there a way to turn this feature off in a Login or on all Logins on the server?

Example:

Login: David
Password: BLUE

Is there a way that Password: BLUE and Password: blue to both work?

Thanks,
David
K. Brian Kelley
K. Brian Kelley
Keeper of the Duck
Keeper of the Duck (6.8K reputation)

Group: Moderators
Points: 6774 Visits: 1911
No. While the login name was case-insensitive if your SQL Server has a case-insensitive collation, the password is always case sensitive. This is because of the hashing algorithm used.

K. Brian Kelley
@‌kbriankelley
Decommissioned_Account_02
Decommissioned_Account_02
SSC Veteran
SSC Veteran (243 reputation)SSC Veteran (243 reputation)SSC Veteran (243 reputation)SSC Veteran (243 reputation)SSC Veteran (243 reputation)SSC Veteran (243 reputation)SSC Veteran (243 reputation)SSC Veteran (243 reputation)

Group: General Forum Members
Points: 243 Visits: 768
Thank you for your help!
ebayemails123
ebayemails123
Forum Newbie
Forum Newbie (1 reputation)Forum Newbie (1 reputation)Forum Newbie (1 reputation)Forum Newbie (1 reputation)Forum Newbie (1 reputation)Forum Newbie (1 reputation)Forum Newbie (1 reputation)Forum Newbie (1 reputation)

Group: General Forum Members
Points: 1 Visits: 0
K. Brian Kelley (2/15/2009)
No. While the login name was case-insensitive if your SQL Server has a case-insensitive collation, the password is always case sensitive. This is because of the hashing algorithm used.


I understand your reply but i wonder if you can help.

We recently migrated from Windows SBS 2000 to Windows SBS 2008 as well as SQL Server 2000 to SQL server 2008.

We use an in house software which, when developed, didn't take into consideration the CASE SENSITIVITY for the login (user: sa pass: aBc123) since SQL server 2000 didn't care for the sesnsitivity. The developer realizes now that it was poor software design on his part and is trying to fix it.

In the meanwhile I was wondering if we can run an SQL Query on the SQL SERVER 2008 to tell it not to care for the sensitivity of the user 'sa'.

Something along the lines of:

ALTER LOGIN sa PASSWORD = 'aBc123' COLLATE SQL_Latin1_General_CP1_CI_AS



I know this is not a proper SQL query, but can you suggest anything?
K. Brian Kelley
K. Brian Kelley
Keeper of the Duck
Keeper of the Duck (6.8K reputation)

Group: Moderators
Points: 6774 Visits: 1911
By default SQL Server is case insensitive with respect to the login. So unless you've chosen a collation when you installed SQL Server that is case sensitive, it doesn't matter if the app logs in as sa, SA, sA, or Sa. The password is always case sensitive. If you're application doesn't take case sensitivity into account with respect to password, does it treat it as all lowercase or uppercase? If so, make the password conform to that.

K. Brian Kelley
@‌kbriankelley
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search