SQL Server by default follows Windows password policy requirements for SQL Server Login accounts. This forces you to follow the same policy for SQL Server logins as you would for windows logins and this is a good thing. But sometimes you want to bypass that validation maybe to get a test login in place. You can do this by using CHECK_POLICY = OFF. For example when I try to create a login using this statement I get an error.
CREATE LOGIN test_user WITH PASSWORD = 'password123'
Msg 15118, Level 16, State 1, Line 1
Password validation failed. The password does not meet Windows policy requirements because it is not complex enough.
The error itself tells me that my password does not meet policy requirements. The policy on my machine requires me to have at-least one upper case letter in my password. To bypass this requirement I can execute this statement which will create my SQL Login.
CREATE LOGIN test_user WITH PASSWORD = 'password123', CHECK_POLICY = OFF
You should however use this with caution because password policies are there for a reason i.e. to make your environment more secure.
2 Responses to Bypass Windows Password Requirements For SQL Login
Leave a Reply
Connect with me
-
There are a lot of tools and utilities that can be downloaded and used to recover, reset, retrieve or reveal existing password. These windows password recovery utilities, free or paid, are usually a Linux boot disk or CD that able to comes with NT file system (NTFS) drivers and software that will read the registry and rewrite the password hashes, or can brute force crack the password for any user account including the Administrators. The advantage is that there is no fear of leaking your password to outsiders, while the process requires physical access to the console and a floppy or CD drive, depending on which tool you choose. And it’s not easy, although it always work!
Below is the most famous recovery tool I found:
Windows Password Recovery Tool 3.0 – it is the most popular Windows password cracker . It is a very efficient implementation of windows any versions. It comes with a Graphical User Interface and runs on multiple platforms.
Password Recovery Bundle –This is a utility to reset the password of any user that has a valid (local) account on your windows system. You do not need to know the old password to set a new one. It works offline, that is, you have to shutdown your computer and boot off a floppydisk or CD. It’ll detect and offer to unlock locked or disabled out user accounts. It is also an almost fully functional registry editor.
Windows Password Key 8.0 -It is considered as the best tool to reset local administrator and user passwords on any Windows system. It creates a password recovery CD/DVD, USB Flash Drive for home, business and enterprise. And most of all, it’s the most popular and safe solution for removing your Windows password until now.
Susan,
Thanks for your comment. Windows Password Key looks interesting. This is something I should have got myself when I was in those sticky situations.