CREATE LOGIN *** WITH PASSWORD=0x*** HASHED

Oct 20, 2007

Hello,
Could anybody explain: is following supposed to work:



CREATE LOGIN test


WITH PASSWORD=0xF1E9E5CA9A79F7B5D883FA4D9680ED1D4D9AAB12 HASHED,

CHECK_POLICY = OFF;
GO

where

0xF1E9E5CA9A79F7B5D883FA4D9680ED1D4D9AAB12
result of

SELECT HASHBYTES ('SHA1','$Test123#')


execution of 'create login' results in following error

Msg 15021, Level 16, State 2, Line 1

Invalid value given for parameter PASSWORD. Specify a valid parameter value.

Interesting enough is that if I use MD5 the hash is 8 bytes shorter and create login works but actual login procedure does not. And if I just use plain text password without HASHED everything works.

This is on sqlexpress 2005 sp2. Is this specific to express version?
I've noticed that realatively old SQL BO 2005 states that hashed password should be passed as literal in single quotations ' *** ' (and it does not work) and msdn online states that in case of HASHED hexadecimal value should be passed without single quotations, anyway does not work either ...

Thanks,

--Alex

View 4 Replies


ADVERTISEMENT

Request: Actual Example Of Create Login With Password Hashed

Apr 16, 2008



BOL is very terse on the subject of creating a login with a hashed password. I need to store a script file with a create login for a sql server login, and I don't want the password as plain text. Here is what I've tried:




Code Snippet

declare @input nchar(5), @output varbinary(8000)

set @input = N'A123b'

select @output = hashbytes('sha1', @input)

select @output

create login test with password = '0x22A9EA652CFC38938D56A9C3872B266B192D16D9' hashed

go




This returns the error:


Msg 15021, Level 16, State 2, Line 1

Invalid value given for parameter PASSWORD. Specify a valid parameter value.


Can anybody provide a working example? Am I way off base on the usage of this functionality?

Thanks,

John T

View 12 Replies View Related

How To Create A Login Userid And Password For Ms SQL Server 2005 Express?

Oct 30, 2007

My PC is Window XP Pro and I'm using Microsoft SQL Server 2005 Express and Microsoft SQL Server Management Studio Express.
My question is how to create a login userid and password under "SQL Server Authentication"? (as shown in http://www.findingsteve.net/print_screen.jpg)
Any tutorial about this I can read?

View 6 Replies View Related

How Can I Login To My MS SQL Server 2005 If I Forgot My Login Password

Oct 8, 2007



Hi,


I am using SQL Server 2005 at home.
My problem is I forgot my password to log in to my server.
I only remember user name is 'sa'.
I haven't used it for two to three months. So I forgot password.
Previously, When I used sql server 2000, my login is as windows login. so no problem.
But this time, I set seperate log in and I got this problem.
Any help will be appreciated.
Thanks
George

View 11 Replies View Related

Alter Login Fails When Login Changes His Own Password

Apr 11, 2008



I have seen alot of comments posted about an Issue in SQL2005 that no one at microsoft could really answer. If a user would try to alter his own login, it would fail stating a permissions error.

This is what I did to get it to work .

USE my_dataBase
GO

Alter Login [my_login] WITH PASSWORD = 'newpassword' OLD_PASSWORD = 'oldpassword'


In previous examples, people were trying to do an alter login without first narrowing it to the database.
If you do not include the USE statement it will fail.

Another thing to note is that they can only change certain things....they cannot turn off check_policy or check_expiration.

Happy Coding

View 2 Replies View Related

Using Local Variable To Pass Login Name To CREATE LOGIN Script

Mar 19, 2008

Dear all;

I'm trying to use a local variable @NEW_LOGIN_CODE to pass LOGIN NAME to CREATE LOGIN script as follows:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
declare

@NEW_LOGIN_CODE varchar(255),
@NEW_LOGIN_PASSWORD varchar(255);
begin

SET @NEW_LOGIN_CODE = 'any_login';
SET @NEW_LOGIN_PASSWORD = 'AnyPassword';

CREATE LOGIN @NEW_LOGIN_CODE WITH PASSWORD @NEW_LOGIN_PASSWORD;
end
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

the script will not work unliss I provided a hard coded login code and password as follows:

CREATE LOGIN ANY_LOGIN WITH PASSWORD 'AnyPassword'

what should I do to make the CREATE LOGIN script accept local variables as parameters?

Thanks


View 3 Replies View Related

Password Comparison During Login

Jan 29, 2008

Hi all,
In the DB i have stored the username and password. i had stored 'am' as password and wen i use 'Am' to login, it wil redirect to my next page correctly.Can we do any string comparison for that? Normally how can this problem be solved?
 Try
con.Open()
cmd = New SqlCommand("select CompanyId,Password from CompanyDetails where CompanyId=" & uname & " and Password='" & pass & "'", con)
Dim sdr As SqlClient.SqlDataReader = cmd.ExecuteReader
If sdr.HasRows Then
sdr.Read()
Me.Session.Add("value", Val(txtuser.Text))
Response.Redirect("ViewDetails.aspx")
Else
Err.Text = "Invalid UserName/Password."
End If
Catch ex As Exception
Err.Text = ex.Message
Finally
con.Close()
End Try 

View 3 Replies View Related

Sql Server Login Name And Password

Oct 6, 2005

Hi,I have developed  site which has a resource file which connects to sqlserver using login name and password.Now my client doesn't want me to login to production database. bu the packing of the system is with me. is there any way to solve this issuse so that i can package the software without knowing database login name and password.TIAAmit

View 2 Replies View Related

Create Variable To Store Fetched Name To Use Within BEGIN / END Statements To Create A Login

Mar 3, 2014

I created a cursor that moves through a table to retrieve a user's name.When I open this cursor, I create a variable to store the fetched name to use within the BEGIN/END statements to create a login, user, and role.

I'm getting an 'incorrect syntax' error at the variable. For example ..

CREATE LOGIN @NAME WITH PASSWORD 'password'

I've done a bit of research online and found that you cannot use variables to create logins and the like. One person suggested a stored procedure or dynamic SQL, whereas another pointed out that you shouldn't use a stored procedure and dynamic SQL is best.

View 3 Replies View Related

Can't Change Sql Login User's Password

Jan 13, 2006

SQL Server 2005 Express will not allow me to change the password for my login user. I tried deleting the user and re-creating the user. Another password is being put in although the password I put in was accepted. I even test to see what would happen if I left the password blank. It got accepted. But when I look at the password for my login user again, a different and much longer password was put in. I even tried this T-SQL statement:

CREATE LOGIN <loginname> WITH PASSWORD='<passwordname>', CHECK_EXPIRATION = OFF, CHECK_POLICY = OFF

I am out of ideals. Is this a bug?

View 5 Replies View Related

How To Find User Login Password

Feb 25, 2013

Earlier one of my team member has created a user login and password but forgot the password after few days and now we need to know the password of that login.  Some of the application are using this login so we can delete and create a new login with the same name hence is there any possibility or script to find out the password of the existing login.

Note: The login is not 'sa'

View 9 Replies View Related

How Can You Force A Password, From A Sql Login, To Expire

Aug 31, 2006

How can you force a password, from a sql login, to expire?

I would like to use the password expiration feature for sql logins in SqlServer 2005. The msdn document provides example code for SqlClient SqlConnection.ChangePassword like in Bob Beauchemin's book. http://msdn2.microsoft.com/en-us/library/system.data.sqlclient.sqlconnection.changepassword.aspx

There is a modify_date in the system view sys.sql_logins but that is read-only.



Thanks,

Karl



View 5 Replies View Related

SQL Login Enforce Password Policy

Mar 20, 2007

I have a 3 node cluster running windows 2003 x64 sp1 and SQL Server 2005 version 9.00.2153. My problem is the following...

This Saturday I migrated a web application's database to this server. After restoring the database I created the sql login for the service account, set the password and disabled the password policy for this login. I then ran sp_change_users_login to attach the already existing db user with the same name to the login. I changed the connection string for the application, tested the application connectivity and functionality then detatched the old database on the old server. Everything went like clockwork, no problems at all.

Come Monday morning at 8:35 I started getting alerts that the web site was down. I tested the site and sure enough it was down. I then attempted to connect to the database server using the login that was created for the app and the connection failed. I logged in with my ID and got in fine. Nothing showing to be wrong with the DB, I checked the new login and somehow the "Enable Password Policy" had been set for the new login. I disabled it and still no connection. I went to the database and checked the DB user and somehow the link between it and the login no longer existed. I reran the sp_change_users_login and restested the web site and verified that that web site was back online.

My question is this, is there any stored proc that resets these values back to default for some reason, a series of events that might revert the "Enable Password Policiy" to the default for a login, or is there a particular domain level operation that might occur such as Security Polcies that would affect these settings in SQL?

No one else was on the machine when I went to check it out at 8:40 so it has left me puzzled.

Any help would be appreciated.

Thanks.

Zach

View 3 Replies View Related

SQL Login Password Change History

Oct 4, 2007

Hello.

Is it possible to find out a complete history of when the passwords for any SQL Server logins were changed and by what/whom in 2005 standard edition?

Thanks.

View 1 Replies View Related

What Is The Default Login User Name And Password

Jan 26, 2006

Hai Freinds,

Is there any default username and password for sql server 7.0

Thank You

View 4 Replies View Related

HELP! Reset Dbo Login Id Password, Cannot Get Company Website Up

Mar 2, 2007

Our company website runs off of Microsoft SQL Server. Someone tried changing the 'administrative' password but the way that they did it locks us out of the database.

Under Enterprise Manager there is a Security group, underneath here is a login. The person reset the password here on the login id that is the DBO for our website's database. Underneath the database in Enterprise Manager the dbo uses this login id. Where else does the password need to get reset in order for that login id to access the database? We cannot set it back to the previous password because it is unknown.

When we go to our website we get the following error:
Error Executing Database Query.
[Macromedia][SQLServer JDBC Driver]Error establishing socket. Connection refused: connect


Please try the following:
Enable Robust Exception Information to provide greater detail about the source of errors. In the Administrator, click Debugging & Logging > Debugging Settings, and select the Robust Exception Information option.
Check the ColdFusion documentation to verify that you are using the correct syntax.
Search the Knowledge Base to find a solution to your problem.

Browser Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)

View 3 Replies View Related

Northwind And Pubs Default Login/password ?

Jul 20, 2005

Hello,What are the default login/password to access pubs and northwind databases ?I remember the login = "sa", but nothing about the password.ThanksEric

View 4 Replies View Related

Notification When SQL Server Login Password Is Set To Expire

Jan 17, 2008

Is there a way to set up automated email notification beginning 14 days prior to when a SQL Server Login password (that has "Enforce password expiration" enabled) will expire?

Thanks,

-Dave

View 7 Replies View Related

DB Design :: Password Did Not Match That For Login Provided

Jun 4, 2015

i am getting bellow error Error: 18456, Severity: 14, State: 8.Login failed for user 'sa'. Reason: Password did not match that for the login provided. but no one is logging for that particular [clint :ip].this error occurring automatically. in this case in my environment log shipping is configured and the secondary database server getting this issue.when i disable the copy and restore jobs and bring  the database in online. i am not getting that error .

View 3 Replies View Related

SQL Server Express Client App Login / Password

Dec 18, 2006

Help!!

I used to have an Access database which had tables for users, roles, actions etc.

This was used by a C++ client app (using ADO) which logged in, got the user ID and password (by raising a login dialog ) and then checked these against a user table and then assigned the roles and possible actions.

Now we have SWL Server Express 2005 - NT Authorisation - how do I get/pass the user ID to the C++ Application so it can get the associated roles? Seems silly to have 2 logins.

Better still can I do away with the App's User table or make its password column invisible to all users bar Admin and the C++ App?

View 1 Replies View Related

DB Design :: Password Did Not Match For Login Provided

Jun 8, 2015

i am getting bellow error 

Error: 18456, Severity: 14, State: 8.
Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT:####]
Login failed for user [sa]
Error: 18456, Severity: 14, State 38

Failed to open the explicitly specified database but no one is logging for that particular [clint :ip].this error occurring automatically. in this case in my environment log shipping is configured and the secondary database server getting this issue.when i disable the copy and restore jobs and bring  the database in online. i am not getting that error .

View 17 Replies View Related

Optimized Way To Store Hashed Values?

Jul 12, 2007

What is the most optimized way to store Hashed values (obtained by Object.GetHashCode() method) in SQL Server?

Thanks.

View 4 Replies View Related

Login With A Case Sensitive Password With A Stored Procedure

Nov 4, 2003

I have a stored procedure that validates a user login against a username and password field.
How can I ensure case sensitivity in the stored procedure for the password field?

View 4 Replies View Related

SQL Server 2014 :: How To Encrypt And Check A Login Password

Jul 6, 2014

I am trying to learn how to store a web form password and than check it when the user log in. So far none of the code I can find works.

Why the following test does not work and what the correct code should be?

Insert Into [user]
values ('name', 'email', HashBytes('SHA1', 'bob'))
GO

Why does the following produce no rows?

SELECT *
From [user]
Where HashBytes('SHA1', password) = HashBytes('SHA1', 'bob')

View 8 Replies View Related

SQL 2012 :: Linked Server And Remote Login Password

Oct 7, 2014

Is there any way to find out the password for the remote login of the Linked server

View 1 Replies View Related

SQL Server 2012 :: Hardcoded Login And Password In Proc

Jul 22, 2015

I have a procedure where Login and Password of the database are to be used and right now i have given a valid hardcoded value for them.

How can I get these values from the actual login (I mean sql server authentication value or windows authentication).

View 8 Replies View Related

Using 'Alter Login' To Change Password In SQL Server 2005

Sep 26, 2006

Please Help!!

We have an application using SQLOLEDB connection to a SQL Server 2005 database. Per domain policy, the users are required to change their password every 60 days.

The accounts are established to 'Enforce password policy'.

When we try to execute the 'ALTER LOGIN' command to change the password, locks are being established and will not free the account without bouncing the instance.

After issuing the command, any interaction with the server using this UserID results in a "lock request time out" error 1222.

I have tried issuing this command using both the application and through SQLServer Mgmt Studio Express and the results are the same.

Any idea would be greatly appreciated.



Rusty Rickmon

View 5 Replies View Related

Key Lock Hashed Resource Text Value Not Unique?

Jul 23, 2005

I have a deadlock situation, part of the problem looks like this;spid ecid dbid ObjId IndId Type Resource ModeStatus------ ------ ------ ----------- ------ ---- ---------------- -------------404 0 9 792389892 1 KEY (010086470766) SIUWAIT72 0 9 792389892 1 KEY (010086470766) SIUWAIT115 0 9 792389892 1 KEY (010086470766) SIUWAIT61 0 9 792389892 1 KEY (010086470766) ISWAIT318 0 9 792389892 1 KEY (010086470766) SIUWAIT430 0 9 1112391032 1 KEY (010086470766) XGRANTThey are key locks I am used to the resource value generally beingunique by table. I am wondering if the other 'WAIT's are indeedwaiting based on the 'unique' resource value. Note that the exclusivegrant is on a different table but, the resource rsc_text value is thesame. Looking it up I get for a key lock that it's a hashed value, myreferance tells me what is is for a non-clustered index but, does notexplain what it would be for a clustered index.Does it protect this resource based exclusively on resource rsc_text oris it unique by ObjID/Rsc_text, has anyone seen this before?Suggestions?SQL Server 2000/SP3-Chris

View 1 Replies View Related

How To Authenticate Users Using User Login And Password Stored In SQL Database?

Feb 2, 2007

Hi. I have a DetailsView with Bound Fields "Login" and "Password". This informations are stored in SQL database. How to solve such authorization? How to compare password stored in database against passowrd typed by user? Is this a good idea to use CustomValidator control to write some checking procedure?. Regards. Pawel.

View 1 Replies View Related

SQL 2005: Symmetric Encryption With Asp.net Page, Login, Username, Password

Nov 29, 2007

I currently have a login page in asp.net 2.0 linked to a SQL 2005 database table that holds the usernames and passwords. At present, I am on an "honor system" where I do have access to the passwords of the other users but would like to change it so that I cannot know what the users' passwords are. Thank goodness that there is no personal information within the pages and the logins were created to keep a log of who logs in and what not. However, I would like to soon hold more personlized information, hence the need to encrypt each user's password even from myself.
I have read up on Symmetric Encryption for SQL 2005 but I would like to know if there is anything else available, any good proven methods that someone else has already tried.
Also, while testing out Symmetric Encryption, I noticed that I have to supply the encryption password for the decryption. However, if I know what the password for the encryption/decription is, does it not defeat the purpose of having the encryption at all, in terms of the "Admin" having access to sensitive information? Just curious if I understood the concept correctly or not.
 Thanks in advance to all.
 
 

View 2 Replies View Related

Encrypted Password Generated Login Failed For User '(null)'

Oct 1, 2007

Hello

SQL Server 2000 Enterprise Edition SP3

I have an application which uses a login with an encrypted password. Everything works well, no errors in the application.
My SQL Server errorlogs keeps recording:

Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.

I know this message is related to the login with the encrypted password (tracked it with Profiler)
My question: Is it normal that the error log tracks this message because the password is encrypted?

Many thanks!
Worf

View 1 Replies View Related

How To Use Sqlcmd Command To Login To Sqlserver With Sa Account Which Have Empty Password

Oct 11, 2007

the password of sa account is empt

I use "sqlcmd -S servername -U sa " command but failed

any suggestions?

thanks

View 8 Replies View Related

I Can't Login To Sqlserver With A Username And A Password But Works With NT Integrated Security !!

Nov 21, 2006

hi
i have created a username and a password in sqlserver 2000 from logins in Enterprise manager
and i permit him to the database i need to connect to ..
and i check all server roles for that user and i make sqlserver authentication for him with a password and then i goto the udl file to connect to that database using that user it fails !! and says

"login failed for that user 'myusername' reason not associated with a trusted sqlserver connection"

while i use NT integrated security it works well
so how can i connect to sqlserver using a username and a password

thanks in advance

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved