Re: 'sa' password
From: K. Brian Kelley (rev_brian@nospam.hotmail.com)
Date: 09/09/02
- Next message: K. Brian Kelley: "Re: Error 18456 Login failed..."
- Previous message: Bill Hollinshead [MS]: "RE: Logins"
- In reply to: Tom Moreau: "Re: 'sa' password"
- Next in thread: Chris Skorlinski: "Re: 'sa' password"
- Reply: Chris Skorlinski: "Re: 'sa' password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "K. Brian Kelley" <rev_brian@nospam.hotmail.com> Date: Mon, 9 Sep 2002 17:15:56 -0400
SQL Server login passwords are crackable because of a weakness in the hash.
It can be recovered with a crack program if you already have sysadmin rights
to the box via another login method (access to sysxlogins is a requirement.
A paper detailing the weakness is available at NGSSoftware's site
(http://www.nextgenss.com/).
The article: http://www.nextgenss.com/papers/cracking-sql-passwords.pdf
A review of NGSSQLCrack (free registration required):
http://www.sqlservercentral.com/columnists/sjones/reviewmssqlcrack.asp
-- K. Brian Kelley http://www.truthsolutions.com/ Author: Start to Finish Guide to SQL Server Performance Monitoring http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1 -- "Tom Moreau" <tom@dont.spam.me.cips.ca> wrote in message news:ek5ouhaVCHA.2024@tkmsftngp08... The sa password is encrypted, so if you forgot it, you won't be able to get it back. That's what security is all about. You can, however, change it to something you do know. You will have to connect through another login that belongs to the sysadmin role. If you haven't already removed the BUILTIN\Administrators group, then you can login into the server as an administrator and use Windows authentication to connect. -- Tom --------------------------------------------------------------- Thomas A. Moreau, BSc, PhD, MCSE, MCDBA, MCT SQL Server MVP Columnist, SQL Server Professional Toronto, ON Canada www.pinnaclepublishing.com/sql www.apress.com "iKc" <pruello@tibco.fr> wrote in message news:unVhqpYVCHA.2540@tkmsftngp09... Hi, I don't remember the password of my 'sa' user (Hopefully I still can login as BUILTIN\Admin). I only see it in binary format. Is there a way to find it? I want to keep it and I don't want to put it as NULL. Is there a way to find again my 'sa' password? Thks.
- Next message: K. Brian Kelley: "Re: Error 18456 Login failed..."
- Previous message: Bill Hollinshead [MS]: "RE: Logins"
- In reply to: Tom Moreau: "Re: 'sa' password"
- Next in thread: Chris Skorlinski: "Re: 'sa' password"
- Reply: Chris Skorlinski: "Re: 'sa' password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
