Today our data security officer asked me to get list all SQL Server logins that have blank passwords and SQL Server logins that have password exactly same as username. Below script can be used to retrieve those weak SQL Logins.
Blank Passwords
1 2 3 4 5 |
SELECT name as [User Name],type_desc as [Login Type],is_disabled,default_database_name,create_date,modify_date FROM sys.sql_logins WHERE PWDCOMPARE('',password_hash)=1; |
Passwords that are the same as the Login name
1 2 3 4 5 |
SELECT name as [User Name],type_desc as [Login Type],is_disabled,default_database_name,create_date,modify_date FROM sys.sql_logins WHERE PWDCOMPARE(name,password_hash)=1; |
Leave a Comment