I have Windows Server 2016, with SQL Server 2017, and found Windows Log Application is full of Login failed messages (as follows) :
Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: ****]
Client's IP addresses are various. I don't have any maintenance plan in SQL Server
What's the problem?
Best Answer
A login attempt was made from the IP address given. The attempt was to log in using the credential
sa
. A password was supplied but it was not the correct password.sa
is the default sysadmin credential in SQL Server. Errorlog spam with this message usually means 1 of 2 things.sa
crendentialIf it's #1, then go to the application you're hosting at that IP address and change its webconfig.
If it's #2, then you need to blacklist that IP address - preferably by firewalling your database server off from the public internet (which you should really do anyways to be frank).
See also:
sa
best practices