How to find the SQLlogins have proper password except blank,samelogin name as password And ‘password’ as password?



--To find the blank password set for any sql logins.
--PWDCOMPARE Hashes a password and compares the hash to the    hash of an existing password.   PWDCOMPARE can be used to search for blank SQL Server login passwords or common weak passwords.

SELECT name FROM sys.sql_logins
WHERE PWDCOMPARE('', password_hash) = 1 ;

--To find the password set as like the same name of sql login name    for any sql logins.

SELECT name FROM sys.sql_logins
WHERE PWDCOMPARE(name, password_hash) = 1 ;

--To find the password set as like 'password' for sql logins

SELECT name FROM sys.sql_logins
WHERE PWDCOMPARE('password', password_hash) = 1 ;

Hope you can search for blank SQL Server login passwords or common weak passwords with above query.

Comments

Post a Comment

Popular posts from this blog

SSIS2008R2 Error: 0xC0209303 at Package:

SQL2008R2 Error: The remote copy of database "XXXXX" has not been rolled forward to a point in time that is encompassed in the local copy of the database log. (Microsoft SQL Server, Error: 1412)