Solved

Forgotton SQL Server 2008 SA Password

Posted on 2016-09-12
13
40 Views
Last Modified: 2016-09-12
Hello,

I have an instance of SAGE DB installed but I do not no the password to the SA account. My own account has access to the DB via SQL Express Management Studio so I have admin rights to reset the password for SA but I want to know if this is a safe thing to do or if it will cause problems? I am not a SQL expert so don't want to cause unnecessary problems.

Thanks,
0
Comment
Question by:gbarnes0990
  • 5
  • 4
  • 2
  • +1
13 Comments
 
LVL 5

Expert Comment

by:chanderpal singh rathore
ID: 41793995
Hi ,

You can reset the password by logging  from windows authentication instead of 'sa"  and there is no issues in that.
0
 

Author Comment

by:gbarnes0990
ID: 41793997
Thanks Chanderpal. I have a Windows Authentication account I can login with. Just to be clear I can use this to reset the SA password? Theres no chance the SA account has dependancies in SQL that would cause problems once I reset the password?
0
 
LVL 5

Accepted Solution

by:
chanderpal singh rathore earned 500 total points
ID: 41794000
No there is no problem in doing that as I have done it many times, when I forgot the password.

This is the same process if you want to change the password so there is no issue by using windows authentication for resetting "sa" password.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 48

Expert Comment

by:Vitor Montalvão
ID: 41794008
I want to know if this is a safe thing to do or if it will cause problems?
It depends. Do you have any process that's using SA account to run task over the SQL Server instance or databases? If affirmative then those processes will return error so remember to reapply the new credentials of SA on those processes.
If you're sure that SA is not using anywhere then it's very safe to change the password.
0
 

Author Closing Comment

by:gbarnes0990
ID: 41794018
Changed password and all seems ok. Change was made before last expert comment came in.
0
 
LVL 48

Expert Comment

by:Vitor Montalvão
ID: 41794020
Now wait for the side effects. If any then reentry the new password for the SA credentials where it's failing.
0
 
LVL 26

Expert Comment

by:Zberteoc
ID: 41794143
The sa account is the default login and user that is setup at the moment of teh SQL sever installation. The account does not have to be use and the best practices tell you shouldn't use it. Because is the default account all the hackers will try to use it first in order to break into a SQL server. For this reason when you setup the password it should be a very complicated one and you should write in down in a safe place. This account also can be used as a safe backdoor sometimes if after you setup a SQL server you don't have any other sysadmin login to use. In any case the idea is that yous should not use this account in applications but only for admin purposes or is in SQL jobs that are meant for administrative tasks and should be free of any personalized login/user dependences. In this case, if you have jobs that run under the sa account they will fail if you change the password and you will have to update it. If it is used in any application, even internal one, you should change that login with another one that you can create or choose from existing with the sufficient permissions it needs.

Some go the distance to rename the sa login or even disable it. Here is a good article that explains how can you secure the sa login:

https://www.mssqltips.com/sqlservertip/3695/best-practices-to-secure-the-sql-server-sa-account/
0
 
LVL 48

Expert Comment

by:Vitor Montalvão
ID: 41794156
In that article is missing the most obvious one:
- Configure SQL Server instance to use only Windows Authentication. This way SA user will be never able to login even if everybody knows the password.
0
 
LVL 26

Expert Comment

by:Zberteoc
ID: 41794170
That is not recommendable because in that case you cannot use SQL users on the server.
0
 
LVL 48

Expert Comment

by:Vitor Montalvão
ID: 41794182
Correct. That's why is recommendable. Let the AD do all the security work.
We have it here in more than 4000 SQL Server instances. No SQL logins are allowed in this company for many years already. Microsoft also doesn't recommend it. Just check their Authentication mode article:
"Windows Authentication is the default authentication mode, and is much more secure than SQL Server Authentication.
(...)
Important:
When possible, use Windows Authentication"
0
 
LVL 26

Expert Comment

by:Zberteoc
ID: 41794198
The last point is the most important:
Important:
When possible, use Windows Authentication"


There is nothing wrong with SQL authentication if the setup is correct and many prefer it. In the case of your company it is just a policy.
0
 
LVL 48

Expert Comment

by:Vitor Montalvão
ID: 41794208
Nothing wrong but when you work in a bank where security is more important than everything (even performance) this is one of the first things to set. We even have a night job that runs over all SQL Server instances to check if nobody changed the authentication mode. If it finds a change then an incident is immediately raised and emails sent to top managers informing about the security hole.
0
 
LVL 26

Expert Comment

by:Zberteoc
ID: 41794224
Especially in a Swiss bank... :o)
1

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Occasionally there is a need to clean table columns, especially if you have inherited legacy data. There are obviously many ways to accomplish that, including elaborate UPDATE queries with anywhere from one to numerous REPLACE functions (even within…
In this article I will describe the Backup & Restore method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
Via a live example, show how to extract information from SQL Server on Database, Connection and Server properties
Via a live example, show how to shrink a transaction log file down to a reasonable size.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question