May 3, 2012 at 6:02 pm
Hello-
For all SQL Authenticated accounts, our corporate policy is to set the "Enfore password policy" setting on. I understand that this allows the OS level password policy to be enacted. I have an issue whereby for SQL Server authenticated accounts, the minimum password length is greater than the standard minimum for OS logins (e.g., Domain accounts need password length to be 8 characters while SQL accounts need to be 16). I'd like to be able run a query that would return the names of the SQL Logins that would have a password that doesn't meet the 16 character limit. Any advise?
Regards,
Gary Hampson
May 3, 2012 at 6:48 pm
This isn't possible, because the actual password isn't stored (nor would you want it to be). A hash is stored, much as it is with Windows systems. Since it's a hash, there's no way to audit for password length after the fact.
K. Brian Kelley
@kbriankelley
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply