[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 268
  • Last Modified:

Enforcing password strength in a SQL server 2005 user table

I have a table with usernames and passwords for a CMS, but would like to enforce password strength restrictions at the database level so that bad passwords can not be inserted or updated.

We consider a bad password to be one that:
- is less than 6 characters
- does not include a number
- does not include an upper and lower case character

How can we go about this?
0
BuddhaNature
Asked:
BuddhaNature
1 Solution
 
BrandonGalderisiCommented:
The problem is that this should be handled by the application accepting the password because you should never store passwords in cleartext in the database.  It should always be stored as a salted hash.


There are discussions about this topic all over including:
http://www.eggheadcafe.com/software/aspnet/32283437/hashing-passwords.aspx
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now