Solved

SQL 2005 password recovery

Posted on 2009-04-09
6
3,242 Views
Last Modified: 2012-05-06
Hi,
I have forgotten the sa password in SQL 2005, any free utility to reveal the password for this, I  do not wish to change the password as it would be pain to change everywhere in the scheduling and application which i wish to avoid. I am able to login with windows authentication but i need the sa password.

regards
syinfra
0
Comment
Question by:syinfra
6 Comments
 
LVL 16

Accepted Solution

by:
Carol Chisholm earned 100 total points
ID: 24105237
0
 
LVL 12

Assisted Solution

by:Dimitris
Dimitris earned 100 total points
ID: 24105259
You have said that several applications are using the sa account.
If Yes then retrieve the password from that applications
If no then there is no problem to change the sa password because no application use it. The schedule tasks in SQL Agent are not requiring the run user password (sa) so changing the password will not have any affect
Also maintenance plans etc also ate triggered through SQL Agent, so no problem again.

Only the applications will have a problem if you can't retrieve the password from them.
But it is not a good practice to allow applications accessing SQL server with sa privileges. I would suggest to change the applications user also in order to minimize the security risk.

Also I don't think that a utility of retrieving SQL sa pwd exists, the algorithm is one-way and you can't from the hash password to get the initial value...

Hope that i could help you.
Regards
0
 
LVL 11

Assisted Solution

by:bmatumbura
bmatumbura earned 100 total points
ID: 24105336
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 20

Assisted Solution

by:Marten Rune
Marten Rune earned 200 total points
ID: 24106068
Listen to dankangr or you will most probably end up with virus in your production.

If you need to 'get' the SA pwd, then stop one of the applicatons that relies on SA (witch is a really poor design by the way), now sniff your SQL network interface alternatively the application servers network, then start the application and bingo, you have the password.

There is no breaking SQL2005 passwords that I know of.

/Marten
0
 

Author Comment

by:syinfra
ID: 24130173
Hi,
How can i retrieve the password by sniff , which is the suitable sniffer for such activity.

regards
syinfra
0
 
LVL 20

Assisted Solution

by:Marten Rune
Marten Rune earned 200 total points
ID: 24131368
Microsoft has a network monitor, or there is wireshark.
The password is obfuscated, read: http://www.nextgenss.com/papers/tp-SQL2000.pdf

I believe the same 'encryption' is used in sql2005.

Personally I would change it, best practice is to change it frequently. You should not be forced to have a specific SA password ever. Then there is something wrong with the design.
 
/Marten
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

So every once in a while at work I am asked to export data from one table and insert it into another on a different server.  I hate doing this.  There's so many different tables and data types.  Some column data needs quoted and some doesn't.  What …
Use this article to create a batch file to backup a Microsoft SQL Server database to a Windows folder.  The folder can be on the local hard drive or on a network share.  This batch file will query the SQL server to get the current date & time and wi…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question