Is SQL2K Login case sensitive

  • Can i set sql logins to take only case sensitive passwords.

    Being that Win2k and w2003 has the facility to force password length and is case sensitive, does sql server  offer the same protection or is this a week link in w2k/sql2k operation.

    Regards

    Don Grover

  • SQL Server passwords are not case-sensitive, and I don't think you can change that. 

    If you wanted to make sure SQL Server passwords had a minimum length or some other measure of complexity, you'd probably have to edit sp_password (I might get flamed just for suggesting that!), since you can't put triggers on system tables, and even if you could, the plain-text version of the trigger would be unavailable.

    Of course, MS would say that this "only" applies to SQL-authenticated logins.  Windows-authenticated logins automatically enjoy all the additional functionality of the Windows password policies.

    Cheers,

    Chris

  • Thanks for verifying it,.

    Seems a bit of a loose end as far as security.

    Don

  • Yeah, they really are pushing for you to use WIndows Authentication for optimal security.

  • Passwords will be case-sensitive if the server (or instance) is created with a case-sensitive collation.



    --Jonathan

  • Doh!  I didn't even think about that, because we never install case-sensitive servers anymore. 

    Thanks for the correction, Jonathan.  

Viewing 6 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic. Login to reply