 | |||
|
|
||
| |||
| |||
| ||||||||
|
|
|||||||
|
|
|
|
| FAQ: |
|
||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|
||||||||||||||||||||||||||||||||||||||||||||
1. How can I fix an application that isn't resolving username/password? If you can connect to SQL Server and access the user database using Query Analyzer from the client machine logged in as the same windows user who executes the application, the problem is surrounding the way the application is connecting to SQL Server rather than any general SQL Server authorization set up issue. Forgive me if I am stating the obvious but it must be cleared up. For the application to use Windows Authentication it must have an option to choose between Windows Authentication or SQL Server Authentication. You do NOT type in the username and password of your Windows User Account into the application to connect to SQL Server using Windows Authentication. You only type in a username and password into an application to use SQL Server Authentication, the Windows Authentication information is based on the user who you are currently logged into Windows as. For the application to connect to using SQL Server using Windows Authentication it will have to send a different connection string than what it sends when connecting using SQL Server Authentication. Check with your developer to ensure that the correct connection string is being set within the application. I would also run SQL Server Profiler and trace the "SecurityAudit:Login" and "SecurityAudit:Login Failed" events. From this trace you can see
1) If the application is even trying to connect to SQL Server when the application is using Windows Authentication and 2) If what authorization
credentials are being sent to SQL Server.
2. Why can't I log in with 'SA' and 'password'?
That is because someone has set the security for the server to accept integrated only. When set that way, you can not log in using a standard SQL
Server login.
3. How do I change the SQL Server password from the control panel? I decided to change my SQL Server service password from control panel --> services, but after that I couldn't connect to my instance of the server. Any suggestions?
No, because your connection to a SQL Server has absolutely nothing to do with the password for the account SQL Server is running under. The only
thing that password affects is whether the SQL Server starts up.
4. Can I change the 'SA' password without my old password? Use OSQL with the –E option (for authenticated user). If you are an administrator of the OS, you will get in without being prompted for the sa password. Once you are at the OSQL interactive prompt, issue the following command: EXEC sp_password NULL, 'newpassword', 'username' GO —Steven Andres, Security Expert Return to password FAQs 5. How can I create a username/password for an SQL Server database? Here is a great article by Steve Jones that will get you started with SQL users and logins: Beginning SQL Server -- Logins and Users. —Steven Andres, Security Expert 6. What is the best way to encrypt password fields? All it requires is for you to utilize an encryption algorithm in your application. Data coming in is encrypted and then sent on to the SQL
Server where it is stored. When a validating a user, it passes through your application where the process is reversed. I would very strongly
recommend that when you are doing this, that algorithm is locked up and very tightly controlled. In no case should it ever be used to allow a user
to decrypt the data and view it in a report or via some other manner. Once encrypted, the data should always be encrypted except during validation
processes within your application which never retains the password. There is a third-party tool that can do this for you as well called
Encryptionizer.
7. What is the password for 'SA' for an SQL Server 2000 first install? SQL Server 2000 gets you to assign a password for SA when you install the server, if you have selected mixed mode authentication. There is also
a check box you can tick if you really need to insist on a blank SA password – highly not recommended! If you only selected Windows
authentication, then converted to mixed mode, you'll need to log on using a Windows login, then assign a password to SA.
8. Can I recover my password in SQL Server 2000?
There isn't a method to reverse the password stored by SQL Server. If you're using mixed mode, you might be able to use a network sniffer to see
the password zoom by on the wire.
9. How can I set a password on a database in SQL Server 7.0? Within the SQL GUI tools, look into setting the "SA" password and also create a regular login for users of the application.
10. Can I find out which password I have assigned to the user schema? There isn't a method to reverse the password stored by SQL Server. If you're using mixed mode, you might be able to use a network sniffer to
see the password zoom by on the wire, but your best bet is to change the password and deal with the consequences.
|
|
|
|||||||||||||||||||||||||||||||||||||||||||
|
|
 |  |  | |  | |  | |  | |  | |  | |  | |  | |
|
|
About Us | Contact Us | For Advertisers | For Business Partners | Site Index | RSS |
|
|
||
|
|||||||
