Hi,
Is there any way of decrypting password value stored in sysxlogins table of SQL database?
Thx in Adv
This is a SQL Server 2000 table that is no longer available in SQL Server 2005. The password value normally contains a SHA1 hash of the password (unless the password is for a login created in a previous version and maintained through upgrade to SQL Server 2000). If the value is NULL and the login is a SQL login, it means that the password is empty. Otherwise, to determine the password, you would have to do a brute force attack on the hash. If the password is weak, a brute force attack will be quite successful, so it's very important to have strong passwords.
In SQL Server 2005, password strength can be enforced on Windows 2003 systems to follow the Windows password policy settings. Also, these password hashes can only be seen by a sysadmin now. Furthermore, empty passwords cannot be as easily identified, they have a hash as well rather than showing up as NULL.
Thanks
Laurentiu
sql
No comments:
Post a Comment