Pau Lo
asked on
SQL Server authentication hashes
I've been tasked with seeing which MSSQL Database accounts can query the table that stores the encrypted password hashes for SQL authentication accounts across MSSQL 2000, 2005 and 2008 instances? Please can you provide the exact table these hashes are stored in, I beleive it isnt the same for all versions of MSSQL?
ASKER
That would be most useful, thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
As a side note, probably a good idea for you to read the article i posted last as it looks along the lines of what you want to do...
Is this answer sufficient or do require further clarification?
ASKER
The only other thing was whether sys_logins may be "invisible" to a non sys admin, they claim the view isnt even there! Which I thought could be permissions related?
A user who doesnt have the correct level of permissions see's the sql_logins table but the password_hash column is blank.
They will only see rows for the sa account and themselves. No other SQL logins will be visible.
They will only see rows for the sa account and themselves. No other SQL logins will be visible.
Is this clarification sufficient?
I believe its only members of the sysadmins group which can see the contents of the password_hash column but I will have to check to make sure its correct.