January 21, 2014 at 8:39 am
I'll join in - nice script, Perry! It's got more of the options than the one I use.
SQL 2005, 2008, and 2008R2 all use 2005-vintage "0x0100" prefix passwords - they are SHA-1(UCS-2(password)+salt), so hashed passwords are portable between all three, in any direction.
SQL 2012 uses "0x0200" prefix passwords - they are SHA-512(UCS-2(password)+salt). You'll need to add the plaintext passwords yourself, unfortunately.
I haven't looked at SQL 2014 yet.
P.S. If you're upgrading, I would recommend trying to take the opportunity to change what you can to Windows authentication, as Jeff said, or at least upgrade and change the passwords on those you don't. Too often I see passwords like "P@ssw0rd" (Upper, lower, number, symbol, 8 character... worthless) or "Myc0mpanyMyapp" - something easily guessable. Much better are passwords like
"ZVDKAgmcAtrBVdjBMF117OSZjbHsbW" (upper, lower, number, 30 characters, random)
or, even better,
"4HÑßäCÖ{@ÂrÆÑlë¼{ýq†vJGÙiÇxQPOÍ7¯†{èþ®GòÌA@0¿ôøÂÕ;ÒÂÊxaJÛïLYj‡ÑofKŠ{YXÊziÌ«ó&,nO·ÓÓÿuëúøCæКA,7Òêz=ñòd?ø|b2‰Ag™Ð1.õpuÓÜ" (upper, lower, number, symbol, extended ASCII, 126 characters, random - SQL Server likes it just fine, though many apps freak out at various symbols - each platform has a different set of reserved symbols).
*UCS-2 is the actual implementation of what SQL Server calls "Unicode" or "NVARCHAR" and "NCHAR".
**SQL 2000 logins can have the same "0x0100" prefix, but they're in a different format.
***http://keepass.info/ - KeePass[/url]or other local software can help you create and keep track of good passwords.
Viewing post 16 (of 16 total)
You must be logged in to reply to this topic. Login to reply