SA password | SQL Server Performance Forums

SQL Server Performance Forum – Threads Archive

SA password

There is anyway to figure out the SA password without change it??
I’m new DBA here and nobody knows the sa password and alot of programs
are using it.
Before I change it, I want to know if there is a possible way to find out
the password.
thanks

I think there is no way you find out the password of sa.
Surendra Kalekar
http://www.microsoft.com/businesssolutions/greatplains/gp_security_wp_summary.mspx
In this link you can find out how & where the sa password is stored.
Surendra Kalekar
I haven’t seen any such tools to crack SA password. Satya SKJ
Moderator
http://www.SQL-Server-Performance.Com/forum
This posting is provided “AS IS” with no rights for the sake of knowledge sharing.
You may want to visit
http://www.sqlsecurity.com or
http://www.sqlservercentral.com/columnists/sjones/reviewmssqlcrack.asp And in case you manage to find it out, check this one out thereafter:
http://vyaskn.tripod.com/sql_server_security_best_practices.htm
Frank Kalis
Microsoft SQL Server MVP
http://www.insidesql.de
Ich unterstütze PASS Deutschland e.V. http://www.sqlpass.de)

http://www.nextgenss.com/papers/cracking-sql-passwords.pdf will have the alogrhythem. I haven’t try —————————————-
Cast your vote
http://www.geocities.com/dineshasanka/sqlserver05.html http://spaces.msn.com/members/dineshasanka

All very clever options, but considering you know a lot of applications us it you could simply look in the configuration files. Or, run a sniffer filtering for the destination IP and pull it out of the ether. It’s childs play to decipher it.
it’s easy for you to said that, I have no rights to the applications, developer department
is in another building and they are not cooperating. about that sniffer filtering, can you give me an example? please thanks
You can find out sa password by below query. SELECT password FROM master.dbo.sysxlogins WHERE name = ‘sa’ But the results are in binary form. I didn’t know how to change it to varchar. Regards,
Anil Kumar
Hi,
refer
http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=26
Regards
Hemantgiri S. Goswami
[email protected]
"Humans don’t have Caliber to PASS TIME , Time it self Pass or Fail Humans" – by Hemantgiri Goswami

]]>