Export (0) Print
Expand All
Expand Minimize
This topic has not yet been rated - Rate this topic

SQL Server Login Password Strength

This rule checks whether "Enforce password policy" of each SQL Server login is enabled. If SQL Server Authentication is enabled and if the operating system version is earlier than Windows Server 2003, an attacker could repeatedly exploit a known SQL Server login password.

We recommend that you upgrade the operating system to Windows Server 2003.

If SQL Server Authentication is not required in your environment, use Windows Authentication.

Enable "Enforce password policy" for all the SQL Server logins. Use ALTER LOGIN to configure the password policy for the SQL Server login.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.