Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Password Recovery

Status
Not open for further replies.
ecobb

ecobb

Programmer
Dec 5, 2002
2,190
US
Is there any way for SQL Server (2000) to show what the password for a login is? I have a program that accesses the database, and I need to know what the existing password for that account is. If I change the password, that will mean having to reset the connections on approx. 100 computers. Please help!

Thanks
 
Sort by date Sort by votes
You have 100 computers connecting to a database and don't know what password they all use? No I believe SQL server uses a 1 way hash password system in which you can't get that information.

Looks like to me you need to update your policy and proceedures so this password isn't lost.

Please don't tell me you have all the computers logging in as SA!?!?! If not, have you lost that password too?
 
Upvote 0 Downvote
This database was set up for one of our clients over 3 years ago. They have a main program that all of their employees access via Citrix. The program accesses the database through a single ODBC connection that was hard coded into the program by the software vendor (over 3 years ago). None of us that are involved in this situation were around when everything was set up.

And no, I have not lost the SA password, thank you very much. As stupid as it was for the software vendor to have the connection hard coded into their program, only a damn fool would hardcode an SA account into it. My policies and procedures are much different than those here before me, who thought that 'sa' and 'blank' were the only connections anyone needed.
 
Upvote 0 Downvote
I'm wondering why you need the password though. As is there another way to achieve what you need. You need the current applications to continue running and they are hard coded so you can't change the server name user and password. If you need new applications to access the database then you can create a new user.

About the only way you are going to get the password is a brute force attack. Seeing they where lax the password is probably something easy and a dictionary attack might reveal it. Though I'm not sure you might be able to sniff the password off the network also. Depends on where the hashing is done.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

GCL2007
  • Locked
  • Question
Simple Recovery model - Huge Trans Log
Replies
0
Views
277
GCL2007
GCL2007
bvuong
  • Locked
  • Question
Passwords not changing
Replies
3
Views
93
gmmastros
gmmastros
RottPaws
  • Locked
  • Question
MSSQL 2005 Express reinstall sa password error
Replies
1
Views
81
metevil80
metevil80
wooddsw
  • Locked
  • Question
Log Shipping Subscriber Recovery Mode
Replies
0
Views
59
wooddsw
wooddsw
brage98
  • Locked
  • Question
Restore With Recovery through SMO
Replies
0
Views
47
brage98
brage98

Part and Inventory Search

Sponsor

Back
Top