PWDCOMPARE - checking for predictable passwords

How to check for weak passwords?
A strong security policy also requires that passwords are not predictable.
We often need to test for this, but checking every predictable password against every login by hand
is a tedious task that anyone would try to avoid.

Recently I had an issue where I needed to check that certain predictable passwords were not used by
any login.

Here we can use the PWDCOMPARE function, which serves this purpose very easily.

It compares a clear-text password with the stored password hash from sys.sql_logins.

I want to check which logins are using a password like qwedsa or password:

SELECT *
FROM sys.sql_logins
WHERE PWDCOMPARE('qwedsa', password_hash) = 1
   OR PWDCOMPARE('password', password_hash) = 1

Once we know these logins, we can ask the users to change their passwords to strong combinations.
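The same check can be run over a whole list of candidates at once. The following is an added example, not code from the original post: it goes beyond the two passwords above by also testing for a blank password and for a password equal to the login name. The table variable @candidates, its contents, and the finding column are assumptions made for illustration.

```sql
-- Added example: audit all SQL logins against a list of predictable passwords.
-- @candidates and its rows are constructed sample data; load your own list here.
-- Reading password_hash from sys.sql_logins requires elevated server permissions.
DECLARE @candidates TABLE (candidate sysname NOT NULL);

INSERT INTO @candidates (candidate)
VALUES (N'qwedsa'),
       (N'password'),
       (N'');            -- empty string: detects logins with a blank password

-- Logins whose password matches any entry in the candidate list.
-- The matched password itself is deliberately not returned, so the report
-- can be shared without exposing clear-text credentials.
SELECT l.name,
       l.is_disabled,
       l.is_policy_checked,
       CASE WHEN c.candidate = N''
            THEN 'blank password'
            ELSE 'password on weak list'
       END AS finding
FROM sys.sql_logins AS l
JOIN @candidates AS c
  ON PWDCOMPARE(c.candidate, l.password_hash) = 1

UNION ALL

-- Logins whose password is identical to the login name.
SELECT l.name,
       l.is_disabled,
       l.is_policy_checked,
       'password equals login name' AS finding
FROM sys.sql_logins AS l
WHERE PWDCOMPARE(l.name, l.password_hash) = 1

ORDER BY name;
```

The is_policy_checked column shows whether the Windows password policy is enforced for each flagged login, which helps explain how the weak password was accepted in the first place.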
