September 23, 2009 at 9:55 am
I am looking at sp_help_revlogin as far as DR planning, that is, how do I recreate my logins if I have to restore to a new server.
http://support.microsoft.com/default.aspx/kb/246133/
If I store the output of sp_help_revlogin as a script can a password be recovered from this script?
I am not talking about adding logins/resetting the password by running the sp_help_revlogin output in a recovery situation, but rather a badguy recovering the password directly from the script output and logging into an application.
September 23, 2009 at 11:12 am
Everything is possible,:-) but probability of this situation is very low if your SQL login's password are strong and long enough.
I would say 12 characters with numbers, capital letters, etc. would be good to make a strong password.
September 23, 2009 at 2:55 pm
I have to agree with Sergey that it's unlikely someone would be able to decrypt the password from the script, but you can store the script in a secured directory to lessen the chance that someone could access the script file.
Greg
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply