revelaing sa username and password 1

richey1 · Nov 2, 2004

just a quick question.....................

what is the impact if ou sa username and password are revelaed ? how can someone hack in ?
even if the password is changed is there any checks that can be done that check nobody has added users or changed the master tables or something else whilst the password was revealed that would harm us even after changing the password ?

thanks
tony

SQLBill · Nov 3, 2004

Say after me....revealing the SA password is VERY BAD!

Remember the worm that went around the world quickly and targetted SQL Server machines. That was because it was revealed that SQL Server's SA account has a blank password and most people weren't changing it.

Bottom line: Anyone with the SA password has just become GOD on your SQL Server. You can't catch them doing anything (at least not easily)...why not - they are GOD on the system, they are allowed to do anything they want.

Why would you need to reveal the password? Just give the user the permissions they need to do the job.

-SQLBill

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

revelaing sa username and password 1

richey1

Technical User

SQLBill

MIS

Similar threads

Part and Inventory Search

Sponsor