CREATE LOGIN *** WITH PASSWORD=0x*** HASHED
Oct 20, 2007
Hello,
Could anybody explain: is following supposed to work:
CREATE LOGIN test
WITH PASSWORD=0xF1E9E5CA9A79F7B5D883FA4D9680ED1D4D9AAB12 HASHED,
CHECK_POLICY = OFF;
GO
where
0xF1E9E5CA9A79F7B5D883FA4D9680ED1D4D9AAB12
result of
SELECT HASHBYTES ('SHA1','$Test123#')
execution of 'create login' results in following error
Msg 15021, Level 16, State 2, Line 1
Invalid value given for parameter PASSWORD. Specify a valid parameter value.
Interesting enough is that if I use MD5 the hash is 8 bytes shorter and create login works but actual login procedure does not. And if I just use plain text password without HASHED everything works.
This is on sqlexpress 2005 sp2. Is this specific to express version?
I've noticed that realatively old SQL BO 2005 states that hashed password should be passed as literal in single quotations ' *** ' (and it does not work) and msdn online states that in case of HASHED hexadecimal value should be passed without single quotations, anyway does not work either ...
Thanks,
--Alex
View 4 Replies
ADVERTISEMENT
Apr 16, 2008
BOL is very terse on the subject of creating a login with a hashed password. I need to store a script file with a create login for a sql server login, and I don't want the password as plain text. Here is what I've tried:
Code Snippet
declare @input nchar(5), @output varbinary(8000)
set @input = N'A123b'
select @output = hashbytes('sha1', @input)
select @output
create login test with password = '0x22A9EA652CFC38938D56A9C3872B266B192D16D9' hashed
go
This returns the error:
Msg 15021, Level 16, State 2, Line 1
Invalid value given for parameter PASSWORD. Specify a valid parameter value.
Can anybody provide a working example? Am I way off base on the usage of this functionality?
Thanks,
John T
View 12 Replies
View Related
Oct 30, 2007
My PC is Window XP Pro and I'm using Microsoft SQL Server 2005 Express and Microsoft SQL Server Management Studio Express.
My question is how to create a login userid and password under "SQL Server Authentication"? (as shown in http://www.findingsteve.net/print_screen.jpg)
Any tutorial about this I can read?
View 6 Replies
View Related
Oct 8, 2007
Hi,
I am using SQL Server 2005 at home.
My problem is I forgot my password to log in to my server.
I only remember user name is 'sa'.
I haven't used it for two to three months. So I forgot password.
Previously, When I used sql server 2000, my login is as windows login. so no problem.
But this time, I set seperate log in and I got this problem.
Any help will be appreciated.
Thanks
George
View 11 Replies
View Related
Apr 11, 2008
I have seen alot of comments posted about an Issue in SQL2005 that no one at microsoft could really answer. If a user would try to alter his own login, it would fail stating a permissions error.
This is what I did to get it to work .
USE my_dataBase
GO
Alter Login [my_login] WITH PASSWORD = 'newpassword' OLD_PASSWORD = 'oldpassword'
In previous examples, people were trying to do an alter login without first narrowing it to the database.
If you do not include the USE statement it will fail.
Another thing to note is that they can only change certain things....they cannot turn off check_policy or check_expiration.
Happy Coding
View 2 Replies
View Related
Mar 19, 2008
Dear all;
I'm trying to use a local variable @NEW_LOGIN_CODE to pass LOGIN NAME to CREATE LOGIN script as follows:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
declare
@NEW_LOGIN_CODE varchar(255),
@NEW_LOGIN_PASSWORD varchar(255);
begin
SET @NEW_LOGIN_CODE = 'any_login';
SET @NEW_LOGIN_PASSWORD = 'AnyPassword';
CREATE LOGIN @NEW_LOGIN_CODE WITH PASSWORD @NEW_LOGIN_PASSWORD;
end
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
the script will not work unliss I provided a hard coded login code and password as follows:
CREATE LOGIN ANY_LOGIN WITH PASSWORD 'AnyPassword'
what should I do to make the CREATE LOGIN script accept local variables as parameters?
Thanks
View 3 Replies
View Related
Jan 29, 2008
Hi all,
In the DB i have stored the username and password. i had stored 'am' as password and wen i use 'Am' to login, it wil redirect to my next page correctly.Can we do any string comparison for that? Normally how can this problem be solved?
Try
con.Open()
cmd = New SqlCommand("select CompanyId,Password from CompanyDetails where CompanyId=" & uname & " and Password='" & pass & "'", con)
Dim sdr As SqlClient.SqlDataReader = cmd.ExecuteReader
If sdr.HasRows Then
sdr.Read()
Me.Session.Add("value", Val(txtuser.Text))
Response.Redirect("ViewDetails.aspx")
Else
Err.Text = "Invalid UserName/Password."
End If
Catch ex As Exception
Err.Text = ex.Message
Finally
con.Close()
End Try
View 3 Replies
View Related
Oct 6, 2005
Hi,I have developed site which has a resource file which connects to sqlserver using login name and password.Now my client doesn't want me to login to production database. bu the packing of the system is with me. is there any way to solve this issuse so that i can package the software without knowing database login name and password.TIAAmit
View 2 Replies
View Related
Mar 3, 2014
I created a cursor that moves through a table to retrieve a user's name.When I open this cursor, I create a variable to store the fetched name to use within the BEGIN/END statements to create a login, user, and role.
I'm getting an 'incorrect syntax' error at the variable. For example ..
CREATE LOGIN @NAME WITH PASSWORD 'password'
I've done a bit of research online and found that you cannot use variables to create logins and the like. One person suggested a stored procedure or dynamic SQL, whereas another pointed out that you shouldn't use a stored procedure and dynamic SQL is best.
View 3 Replies
View Related
Jan 13, 2006
SQL Server 2005 Express will not allow me to change the password for my login user. I tried deleting the user and re-creating the user. Another password is being put in although the password I put in was accepted. I even test to see what would happen if I left the password blank. It got accepted. But when I look at the password for my login user again, a different and much longer password was put in. I even tried this T-SQL statement:
CREATE LOGIN <loginname> WITH PASSWORD='<passwordname>', CHECK_EXPIRATION = OFF, CHECK_POLICY = OFF
I am out of ideals. Is this a bug?
View 5 Replies
View Related
Feb 25, 2013
Earlier one of my team member has created a user login and password but forgot the password after few days and now we need to know the password of that login. Some of the application are using this login so we can delete and create a new login with the same name hence is there any possibility or script to find out the password of the existing login.
Note: The login is not 'sa'
View 9 Replies
View Related
Aug 31, 2006
How can you force a password, from a sql login, to expire?
I would like to use the password expiration feature for sql logins in SqlServer 2005. The msdn document provides example code for SqlClient SqlConnection.ChangePassword like in Bob Beauchemin's book. http://msdn2.microsoft.com/en-us/library/system.data.sqlclient.sqlconnection.changepassword.aspx
There is a modify_date in the system view sys.sql_logins but that is read-only.
Thanks,
Karl
View 5 Replies
View Related
Mar 20, 2007
I have a 3 node cluster running windows 2003 x64 sp1 and SQL Server 2005 version 9.00.2153. My problem is the following...
This Saturday I migrated a web application's database to this server. After restoring the database I created the sql login for the service account, set the password and disabled the password policy for this login. I then ran sp_change_users_login to attach the already existing db user with the same name to the login. I changed the connection string for the application, tested the application connectivity and functionality then detatched the old database on the old server. Everything went like clockwork, no problems at all.
Come Monday morning at 8:35 I started getting alerts that the web site was down. I tested the site and sure enough it was down. I then attempted to connect to the database server using the login that was created for the app and the connection failed. I logged in with my ID and got in fine. Nothing showing to be wrong with the DB, I checked the new login and somehow the "Enable Password Policy" had been set for the new login. I disabled it and still no connection. I went to the database and checked the DB user and somehow the link between it and the login no longer existed. I reran the sp_change_users_login and restested the web site and verified that that web site was back online.
My question is this, is there any stored proc that resets these values back to default for some reason, a series of events that might revert the "Enable Password Policiy" to the default for a login, or is there a particular domain level operation that might occur such as Security Polcies that would affect these settings in SQL?
No one else was on the machine when I went to check it out at 8:40 so it has left me puzzled.
Any help would be appreciated.
Thanks.
Zach
View 3 Replies
View Related
Oct 4, 2007
Hello.
Is it possible to find out a complete history of when the passwords for any SQL Server logins were changed and by what/whom in 2005 standard edition?
Thanks.
View 1 Replies
View Related
Jan 26, 2006
Hai Freinds,
Is there any default username and password for sql server 7.0
Thank You
View 4 Replies
View Related
Mar 2, 2007
Our company website runs off of Microsoft SQL Server. Someone tried changing the 'administrative' password but the way that they did it locks us out of the database.
Under Enterprise Manager there is a Security group, underneath here is a login. The person reset the password here on the login id that is the DBO for our website's database. Underneath the database in Enterprise Manager the dbo uses this login id. Where else does the password need to get reset in order for that login id to access the database? We cannot set it back to the previous password because it is unknown.
When we go to our website we get the following error:
Error Executing Database Query.
[Macromedia][SQLServer JDBC Driver]Error establishing socket. Connection refused: connect
Please try the following:
Enable Robust Exception Information to provide greater detail about the source of errors. In the Administrator, click Debugging & Logging > Debugging Settings, and select the Robust Exception Information option.
Check the ColdFusion documentation to verify that you are using the correct syntax.
Search the Knowledge Base to find a solution to your problem.
Browser Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
View 3 Replies
View Related
Jul 20, 2005
Hello,What are the default login/password to access pubs and northwind databases ?I remember the login = "sa", but nothing about the password.ThanksEric
View 4 Replies
View Related
Jan 17, 2008
Is there a way to set up automated email notification beginning 14 days prior to when a SQL Server Login password (that has "Enforce password expiration" enabled) will expire?
Thanks,
-Dave
View 7 Replies
View Related
Jun 4, 2015
i am getting bellow error Error: 18456, Severity: 14, State: 8.Login failed for user 'sa'. Reason: Password did not match that for the login provided. but no one is logging for that particular [clint :ip].this error occurring automatically. in this case in my environment log shipping is configured and the secondary database server getting this issue.when i disable the copy and restore jobs and bring the database in online. i am not getting that error .
View 3 Replies
View Related
Dec 18, 2006
Help!!
I used to have an Access database which had tables for users, roles, actions etc.
This was used by a C++ client app (using ADO) which logged in, got the user ID and password (by raising a login dialog ) and then checked these against a user table and then assigned the roles and possible actions.
Now we have SWL Server Express 2005 - NT Authorisation - how do I get/pass the user ID to the C++ Application so it can get the associated roles? Seems silly to have 2 logins.
Better still can I do away with the App's User table or make its password column invisible to all users bar Admin and the C++ App?
View 1 Replies
View Related
Jun 8, 2015
i am getting bellow error
Error: 18456, Severity: 14, State: 8.
Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT:####]
Login failed for user [sa]
Error: 18456, Severity: 14, State 38
Failed to open the explicitly specified database but no one is logging for that particular [clint :ip].this error occurring automatically. in this case in my environment log shipping is configured and the secondary database server getting this issue.when i disable the copy and restore jobs and bring the database in online. i am not getting that error .
View 17 Replies
View Related
Jul 12, 2007
What is the most optimized way to store Hashed values (obtained by Object.GetHashCode() method) in SQL Server?
Thanks.
View 4 Replies
View Related
Nov 4, 2003
I have a stored procedure that validates a user login against a username and password field.
How can I ensure case sensitivity in the stored procedure for the password field?
View 4 Replies
View Related
Jul 6, 2014
I am trying to learn how to store a web form password and than check it when the user log in. So far none of the code I can find works.
Why the following test does not work and what the correct code should be?
Insert Into [user]
values ('name', 'email', HashBytes('SHA1', 'bob'))
GO
Why does the following produce no rows?
SELECT *
From [user]
Where HashBytes('SHA1', password) = HashBytes('SHA1', 'bob')
View 8 Replies
View Related
Oct 7, 2014
Is there any way to find out the password for the remote login of the Linked server
View 1 Replies
View Related
Jul 22, 2015
I have a procedure where Login and Password of the database are to be used and right now i have given a valid hardcoded value for them.
How can I get these values from the actual login (I mean sql server authentication value or windows authentication).
View 8 Replies
View Related
Sep 26, 2006
Please Help!!
We have an application using SQLOLEDB connection to a SQL Server 2005 database. Per domain policy, the users are required to change their password every 60 days.
The accounts are established to 'Enforce password policy'.
When we try to execute the 'ALTER LOGIN' command to change the password, locks are being established and will not free the account without bouncing the instance.
After issuing the command, any interaction with the server using this UserID results in a "lock request time out" error 1222.
I have tried issuing this command using both the application and through SQLServer Mgmt Studio Express and the results are the same.
Any idea would be greatly appreciated.
Rusty Rickmon
View 5 Replies
View Related
Jul 23, 2005
I have a deadlock situation, part of the problem looks like this;spid ecid dbid ObjId IndId Type Resource ModeStatus------ ------ ------ ----------- ------ ---- ---------------- -------------404 0 9 792389892 1 KEY (010086470766) SIUWAIT72 0 9 792389892 1 KEY (010086470766) SIUWAIT115 0 9 792389892 1 KEY (010086470766) SIUWAIT61 0 9 792389892 1 KEY (010086470766) ISWAIT318 0 9 792389892 1 KEY (010086470766) SIUWAIT430 0 9 1112391032 1 KEY (010086470766) XGRANTThey are key locks I am used to the resource value generally beingunique by table. I am wondering if the other 'WAIT's are indeedwaiting based on the 'unique' resource value. Note that the exclusivegrant is on a different table but, the resource rsc_text value is thesame. Looking it up I get for a key lock that it's a hashed value, myreferance tells me what is is for a non-clustered index but, does notexplain what it would be for a clustered index.Does it protect this resource based exclusively on resource rsc_text oris it unique by ObjID/Rsc_text, has anyone seen this before?Suggestions?SQL Server 2000/SP3-Chris
View 1 Replies
View Related
Feb 2, 2007
Hi. I have a DetailsView with Bound Fields "Login" and "Password". This informations are stored in SQL database. How to solve such authorization? How to compare password stored in database against passowrd typed by user? Is this a good idea to use CustomValidator control to write some checking procedure?. Regards. Pawel.
View 1 Replies
View Related
Nov 29, 2007
I currently have a login page in asp.net 2.0 linked to a SQL 2005 database table that holds the usernames and passwords. At present, I am on an "honor system" where I do have access to the passwords of the other users but would like to change it so that I cannot know what the users' passwords are. Thank goodness that there is no personal information within the pages and the logins were created to keep a log of who logs in and what not. However, I would like to soon hold more personlized information, hence the need to encrypt each user's password even from myself.
I have read up on Symmetric Encryption for SQL 2005 but I would like to know if there is anything else available, any good proven methods that someone else has already tried.
Also, while testing out Symmetric Encryption, I noticed that I have to supply the encryption password for the decryption. However, if I know what the password for the encryption/decription is, does it not defeat the purpose of having the encryption at all, in terms of the "Admin" having access to sensitive information? Just curious if I understood the concept correctly or not.
Thanks in advance to all.
View 2 Replies
View Related
Oct 1, 2007
Hello
SQL Server 2000 Enterprise Edition SP3
I have an application which uses a login with an encrypted password. Everything works well, no errors in the application.
My SQL Server errorlogs keeps recording:
Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
I know this message is related to the login with the encrypted password (tracked it with Profiler)
My question: Is it normal that the error log tracks this message because the password is encrypted?
Many thanks!
Worf
View 1 Replies
View Related
Oct 11, 2007
the password of sa account is empt
I use "sqlcmd -S servername -U sa " command but failed
any suggestions?
thanks
View 8 Replies
View Related
Nov 21, 2006
hi
i have created a username and a password in sqlserver 2000 from logins in Enterprise manager
and i permit him to the database i need to connect to ..
and i check all server roles for that user and i make sqlserver authentication for him with a password and then i goto the udl file to connect to that database using that user it fails !! and says
"login failed for that user 'myusername' reason not associated with a trusted sqlserver connection"
while i use NT integrated security it works well
so how can i connect to sqlserver using a username and a password
thanks in advance
View 3 Replies
View Related
