SQL Server Local Account Passwords

Issue

Weak passwords are one of the main causes of security breaches. Examples of weak passwords are names of children or pets, or common words found in the dictionary, such as "happy."

It is outside the scope of this tool to check for all possible weak passwords on SQL accounts. Rather, this tool only checks for a few commonly used weak passwords as outlined below:
 

  • Password is blank
  • Password is the same as the user account name
  • Password is the same as the machine name
  • Password uses the word "password"
  • Password uses the word "sa"
  • Password uses the word "admin" or "administrator"

    This check also notifies you of any accounts that have been disabled, or are currently locked out.

    • Solution

    Set a complex password on all local SQL accounts. Follow the recommendations for strong passwords.

    Additional Information

    Implementing Guidelines for Strong Passwords

    Assigning an sa Password

    ⌐ 2002 Microsoft Corporation. All rights reserved.