On Linux, where does SQL Server store the "SQL Server password policy" and the SA user's password? I get it, "password" isn't secure.
ERROR: Unable to set system administrator password: Password validation failed. The password does not meet SQL Server password policy requirements because it is too short. The password must be at least 8 characters..
and then,
ERROR: Unable to set system administrator password: Password validation failed. The password does not meet SQL Server password policy requirements because it is not complex enough. The password must be at least 8 characters long and contain characters from three of the following four sets: Uppercase letters, Lowercase letters, Base 10 digits, and Symbols..
I'm guessing the policy is actually compiled into the database? And the password gets stored in an obscure location?
Best Answer
The
sa
user is a SQL Server login and its password is encrypted and stored in the DMVsys.sql_logins
(Database Management View) in themaster
database.Reference: sys.sql_logins (Transact-SQL)
You might notice that these views can only be found in the following branch:
The DMVs reference some system base tables, which can be accessed (but shouldn't):
Reference: System Base Tables
The policy you are looking for is built in to the code of SQL Server and is set per default for each new account. When creating a SQL Server Login you can decide to turn off the defaults:
... via
CHECK_POLICY=OFF
. See the full syntax:Reference: CREATE LOGIN (Transact-SQL)
If the SQL Server is a member of a Windows Domain, then it will retrieve the password policy from Active Directory. Otherwise the defaults are:
Reference: Password Policy