Post reply

Installation Passwords

  • July 7, 2016 at 9:16 am

    #1888974

    Sean Lange (7/7/2016)

    webrunner (7/7/2016)

    Like many others who have posted comments, I also first thought all 4 would be required for a strong SQL password. And it does stand to reason that empirically the password using all 4 would have all of the strengthening properties that are recommended.

    But then I thought, did they relax the restriction to 3 because special characters might cause issues when interacting with other systems? Guess I will have to read up on the documentation to find out.

    - webrunner

    Good luck....depending on which page of documentation you find you may or may not get the right answer. :w00t:

    Lol, thanks for the warning! 🙂

    -------------------
    A SQL query walks into a bar and sees two tables. He walks up to them and asks, "Can I join you?"
    Ref.: http://tkyte.blogspot.com/2009/02/sql-joke.html

  • July 7, 2016 at 10:19 am

    #1889018

    Can I call "poorly worded question"?

    A truly strong password would need all four.

    Microsoft's Password Policy says you need three of four.

    The question asked what a strong password would require, not what Microsoft's policy requires. 😀

    I think everyone who answered "all four" should get points for having a great security mindset. (full disclosure: I picked "three of four" as my answer based on the MS tech articles)

    Here there be dragons...,

    Steph Brown

  • July 7, 2016 at 10:43 am

    #1889029

    Stephanie J Brown (7/7/2016)

    Can I call "poorly worded question"?

    A truly strong password would need all four.

    Microsoft's Password Policy says you need three of four.

    The question asked what a strong password would require, not what Microsoft's policy requires. 😀

    I think everyone who answered "all four" should get points for having a great security mindset. (full disclosure: I picked "three of four" as my answer based on the MS tech articles)

    Wouldn't that now become your opinion instead of what is required to make sql server happy? 😉

    I think it should be 7. I didn't see doodles, sign language or squirrel noises anywhere in the list of options.

    _______________________________________________________________

    Need help? Help us help you.

    Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.

    Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.

    Cross Tabs and Pivots, Part 1 – Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
    Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
    Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
    Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/

  • July 7, 2016 at 10:44 am

    #1889030

    Toreador (7/7/2016)

    I can never pass up the opportunity to post this link

    http://xkcd.com/936/[/url]

    I like sentences, I would translate that to C0rr3ctHor53B4ttery5taple*, sadly it is too long for most online subscriptions that require a "secure password", far too many are restricted by password length e.g. must be e1ght characters long!!!!

    Sooooo many times have I have been told to re-enter as it fails the password standard :w00t: That is the time to walk away imho 🙂

    ...

  • July 8, 2016 at 2:05 am

    #1889105

    I confess I looked it up... and still got it wrong (I answered 2, not 3)

    The MSDN article on strong passwords said:

    Combines letters, numbers, and symbol characters within the password.

    The answer options were

    It must contain uppercase letters.

    It must contain lowercase letters.

    It must contain numbers.

    It must contain non-alphanumeric characters; for example, #, %, or ^.

    You must have numbers and non-alphanumeric characters, but as you can have either uppercase or lowercase letters then neither of the first two options were imperative. It's all in the semantics I guess :hehe:

  • July 12, 2016 at 6:36 am

    #1889582

    Thanks for the question.

    Need an answer? No, you need a question
    My blog at https://sqlkover.com.
    MCSE Business Intelligence - Microsoft Data Platform MVP

  • July 12, 2016 at 6:42 am

    #1889588

    HappyGeek (7/7/2016)

    Good question thanks, guess I am just too used to using all 4!

    +1

    btw, Nice question. Thanks for sharing.

  • July 13, 2016 at 2:19 am

    #1889773

    I wish the documentation was consistent, but we have the SQL Server 2016 pssword policy page telling us we have to have 3 out of the 4 so we could have just upper case, lower case and numbers or just upper case, lower case, and symbols; and the SQL Server 2016 strong passwords page that tells us we have to have numbers, we have to have symbols, and we have to save some letters (either upper case or lower case or both). These two both deliver the answer 3 for this question, but they contradict each other as to whether numbers are mandatory and whether symbols are mandatory. Add to that "at least 8" and "more than 8" in various places and there appear to be four different stories as to what counts as a strong password in SQL Servr 2016!

    Of course the idea that 8 (or 9) character passwords are strong is ludicrous anyway.

    Good question and answer, but lousey microsoft documenation.

    Tom

Viewing 8 posts - 16 through 22 (of 22 total)

You must be logged in to reply to this topic. Login to reply