Apr 2025 Discount: Comprehensive Database Performance Health Check | Testimonials

Home

SQL SERVER – Setting up a Robust Password Policy

Pinal Dave
SQL Tips and Tricks
1 Comment

SQL SERVER - Setting up a Robust Password Policy passwordpolicy-800x561 Today’s topic of Setting up a Robust Password Policy often emerges during my Comprehensive Database Performance Health Check consultations. Recently, I had a conversation with a client who was uncertain about the origin of the SQL Server’s password policy. This conversation shed light on the fact that there’s a need for a clearer understanding of how SQL Server’s password policies tie into the wider Windows system.

SQL Server, one of the most popular relational database management systems, offers a wide array of security measures. One of these measures is the implementation of robust password policies.

Setting Up a New SQL Server Login

The first step toward secure data management is creating a new SQL Server Login. Here’s how you do it:

Launch your SQL Server Management Studio and connect to your SQL Server Instance.

Once connected, expand the ‘Security’ section. Right-click ‘Logins’ and choose ‘New Login…’ from the popup menu. This action will open up the Login dialog box.

SQL SERVER - Setting up a Robust Password Policy password1

In the Login dialog box, you’ll see checkboxes for ‘Enforce Password Policy’ and ‘Enforce Password Expiration’. If you select these checkboxes while creating the new SQL Server logins, SQL Server will leverage the Windows password policies set by the Windows administrator across the organization. Finally, click ‘OK’ to create the SQL Server Login. By default, the new login will have a ‘Public’ server role.

Finding the Password Policies

Now that you’ve created a new login, you might wonder where you can find the password policies. Here’s a quick guide:

Navigate to ‘Start | Control Panel | Administrative Tools | Local Security Policy’ or run ‘SECPOL.MSC’ from Command Prompt.

Expand ‘Security Settings | Account Policies | Password Policy’ to review the local policies on your machine.

SQL SERVER - Setting up a Robust Password Policy password2

Understanding Password Expiration

One crucial aspect of password security is password expiration. If the SQL Server password isn’t changed within the ‘Maximum Password Age’ window, it will expire, potentially leading to unplanned downtime for your applications. Therefore, it’s essential to change your password before the password expiration age in a planned way.

If your password expires, you will encounter the following error message in the SQL Server Error Log:

Logon Error: 18487, Severity: 14, State: 1.
Logon Login failed for user 'Login Name'. Reason: The password of the account has expired.

Wrapping Up

Establishing a robust password policy is a critical part of database security. It’s a simple yet effective way to enhance the security of your SQL Server environment and protect your data from unauthorized access.

You can always reach out to me on LinkedIn.

Reference: Pinal Dave (https://blog.sqlauthority.com)

SQL Password, SQL Server Configuration, SQL Server Security
Previous Post
Calculating Extended Internal Rate of Return (XIRR) in SQL Server with T-SQL
Next Post
SQL SERVER – Generating Complex Passwords with T-SQL

Related Posts

1 Comment. Leave new

  • Carlos Ucañan Rivera
    January 10, 2025 7:55 am

    Gracias por la información. Consulta: sé que no es lo idea pero tenemos una sesión de usuario en SQL Server que no deseamos que expire, En este caso, cuál sería su sugerencia? Se agradece de antemano.

    Reply

Leave a Reply

Pinal Dave is an SQL Server Performance Tuning Expert and independent consultant with over 22 years of hands-on experience. He holds a Masters of Science degree and numerous database certifications.

Pinal has authored 14 SQL Server database books and 88 Pluralsight courses. To freely share his knowledge and help others build their expertise, Pinal has also written more than 5,800 database tech articles on his blog at https://blog.sqlauthority.com.

Pinal is an experienced and dedicated professional with a deep commitment to flawless customer service. If you need help with any SQL Server Performance Tuning Issues, please feel free to reach out at pinal@sqlauthority.com.

Pinal is also a CrossFit Level 1 Trainer (CF-L1) and CrossFit Level 2 Trainer (CF-L2).

Nupur Dave is a social media enthusiast and an independent consultant. She primarily focuses on the database domain, helping clients build short and long-term multi-channel campaigns to drive leads for their sales pipeline.

Comprehensive Database Performance Health Check

Is your SQL Server running slow and you want to speed it up without sharing server credentials? In my Comprehensive Database Performance Health Check, we can work together remotely and resolve your biggest performance troublemakers in less than 4 hours.

Once you learn my business secrets, you will fix the majority of problems in the future.

SQL Server Performance Tuning Practical Workshop

Have you ever opened any PowerPoint deck when you face SQL Server Performance Tuning emergencies? SQL Server Performance Tuning Practical Workshop is my MOST popular training with no PowerPoint presentations and 100% practical demonstrations.

Essentially I share my business secrets to optimize SQL Server performance.