February 22, 2015 at 10:23 pm
Does anyone know of a product that will allow you to store and change all of the SQL Native passwords across your enterprise? Something that could connect to all of your SQL Servers and automatically change passwords for logins from a centralized interface instead of having to do them one by one manually? I know that you can script it but that doesn't help to generate passwords that meet your enterprises complexity requirements and help change them if you suddenly need to do so.
My concern is, with all of the security breaches that happen in our various industries, some of our companies require all passwords to be changed anytime we hear about one. In a large enterprise, that can take days, even with a larger team of people.
If it could store the locations of the config files, etc. for the corresponding applications, interfaces, etc. and help change them there as well, that would be great. Anything like that?
Owner & Principal SQL Server Consultant
Im Your DBA, Inc.
https://www.imyourdba.com/
February 23, 2015 at 5:40 am
i don't think you'll find an existing product that does EXACTLY what you are after, but it's a trivial request to do via TSQL.
there's a zillion examples of random strings here on SSC
here's a handfull of examples:
you can script complex, random passwords yourself. you can change the logins to have those new passwords.
i'd just be lazy, and assign 36 character GUIDS as the passwords, with maybe a find/replace for a random character to make it extra scarey.
ALTER LOGIN [PlainOldTestUser] WITH PASSWORD = N'59D5F192-5633-4E2B-B216-314FA6DE65B6'
even better, you can disable all sql logins.
select CONVERT(varchar(40),newid()) As NewPassword,
RIGHT(master.dbo.fn_varbintohexstr(hashbytes('MD5',CAST(NEWID() AS VARCHAR(36)))),10) AS NewPassword2,
* from sys.server_principals where type_desc = 'SQL_LOGIN'
Lowell
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply