SA Password back out plan

  • I need some quick help.

    I'm currently in the process of doing a rather urgent security lock down project.  In doing some of the leg work up front I found a particular server that has a blank sa password.  I intend to set a password for this ASAP, however, since I don't have the necessary time to fully understand all processes that are touching this account (other than DTS or jobs), I may have reason to need to re-set the password back to being blank.

    Does anyone know if 1 -- this can be done -- or 2 -- how it can be done?

    Thanks for any help that can be provided.

  • SQL Server will allow you to set it back to blank.  When you go to set the password, notice that there will be a 'blank password (not recommended)' checkbox. 

    As a side note, I think your DTS packages and jobs will be fine.  SQL Server knows that the 'sa' password has change and will still authenticate other SQL Server objects using 'sa'.  The only problems you should have are instances where you are using 'sa' and have the password hard-coded into your application or a ODBC data source.

    John Rowan

    ======================================================
    ======================================================
    Forum Etiquette: How to post data/code on a forum to get the best help[/url] - by Jeff Moden

  • You can run the sp_password stored procedure to change your SA password.

  • Do you have the ability to run a SQL trace? Turn on logon success auditing before making the change? You may not be able to get everyone, but you should be able to get the low-hanging fruit... the ones that run the most often.

    K. Brian Kelley
    @kbriankelley

Viewing 4 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Login to reply