Post reply

Password problem

  • April 22, 2009 at 12:12 am

    #384412

    Hi Expertz

    Today in one of our testing machines someone changed the 'sa' password.

    It caused a horror for some of us in the team as we couldn't reset it.

    Later we reset it using windows authentication.

    Can you please help me to find who could have changed the 'sa' password.

    Tanx 😀

  • April 22, 2009 at 1:07 am

    #981969

    There are chances that someone from the Builtin\Administrator is present in SQL Server,which can login with an ID which is member of Administrators group and reset the SA password....

  • April 22, 2009 at 1:20 am

    #981970

    YA might be.......

    But what i want to Know is there anyway to find who , when and from where the 'sa' password was reset.

    Tanx 😀

  • April 22, 2009 at 1:20 am

    #981971

    I dont know if you can find out who changed the sa pwd. Check out the sql logs to see if there is anything in there.

    You can write a DDL trigger for the alter login event to catch any change in a login from now on.

    "Keep Trying"

  • April 22, 2009 at 2:01 am

    #981985

    Who changed it -- we cannot trace unless you were running a trace.iam not sure .

    when it was changed--

    USE Master

    GO

    SELECT [name],create_date, modify_date

    FROM sys.sql_logins

    WHERE [name] = 'sa'

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply

Cookies on SQLServerCentral

This website stores cookies on your computer.

These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.

To find out more about the cookies we use, see our Privacy Policy