December 6, 2005 at 12:14 pm
I need some quick help.
I'm currently in the process of doing a rather urgent security lock down project. In doing some of the leg work up front I found a particular server that has a blank sa password. I intend to set a password for this ASAP, however, since I don't have the necessary time to fully understand all processes that are touching this account (other than DTS or jobs), I may have reason to need to re-set the password back to being blank.
Does anyone know if 1 -- this can be done -- or 2 -- how it can be done?
Thanks for any help that can be provided.
December 6, 2005 at 12:34 pm
SQL Server will allow you to set it back to blank. When you go to set the password, notice that there will be a 'blank password (not recommended)' checkbox.
As a side note, I think your DTS packages and jobs will be fine. SQL Server knows that the 'sa' password has change and will still authenticate other SQL Server objects using 'sa'. The only problems you should have are instances where you are using 'sa' and have the password hard-coded into your application or a ODBC data source.
December 7, 2005 at 8:29 am
You can run the sp_password stored procedure to change your SA password.
December 7, 2005 at 8:56 am
Do you have the ability to run a SQL trace? Turn on logon success auditing before making the change? You may not be able to get everyone, but you should be able to get the low-hanging fruit... the ones that run the most often.
K. Brian Kelley
@kbriankelley
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply