Tuesday, November 30, 2010
Standards demand that password should not be same as login name. Same standard should be implemented for SQL Server logins. So how to check that either a login on your server has same password as login name itself?
As passwords in SQL Server are stored as varbinary(128) and are not readable, so we have to use dedicated system stored procedure for this purpose. Just use following script to get SQL Server LogIns with same password as login name itself.
SELECT LogInName ,createdate
WHERE pwdcompare (name,PASSWORD)=1
Script would display name and creation date of any login which has same password as login name. Here in my case it returned a login which i just created with same password as logIn name.
The system stored procedure used in above script to compare LogIn name and password is PWDCOMPARE. Click here to read more about this system stored procedure.