Saturday, February 25, 2012

Password

How do I get a password from the master database for a sql user account?
Someone created a password for a sql account and forgot what it was...

Would you like me to send you a stored procedure that lists all the users and their passwords, and then exports their credit card numbers and bank accounts to a text file and emails it to you, along with the home addresses, telephone numbers, and current salaries of all the business' top officers, and then shuts down the building's alarm system and unlocks the back door while displaying snow on all the closed-circuit TV monitors?

Well you can't have it. 'Cause it's a SECRET! That is what a password is for.

ASSUMING you are actually a person of responsibility, and are not just jonesing for help breaking into a system, then with SA authority you can reset their password to whatever you (or they) want it to be.|||How do I get a password from the master database for a sql user account?
Someone created a password for a sql account and forgot what it was...

As a member of the sysadmin group (sa, a domain administrator, and possibly others), you can simply use SQL-EM (Enterprise Manager) or sp_password to forcibly reset the password to whatever you choose.

-PatP|||blindman. -- that was pretty harsh words.
I can easily reset the password through enterprise manager but I do not want to break the application.|||perhaps there's an easier way to get it from the application instead?|||blindman. -- that was pretty harsh words.
I can easily reset the password through enterprise manager but I do not want to break the application.

I'll concede that blindman was rather harsh in his response, but consider your request... We don't know you, have no way to know if you are a legitimate admin in a hard place, or yet another teenager that doesn't like the way that their server is being administered and wants to "take it over to run it right".

You can't exactly expect strangers to be forthcoming with the kind of information that you are requesting... At least not if they are even quasi-responsible people.

-PatP|||What kind of application breaks because a password gets reset?|||unfortunately, I can name a few. They're usually also the kind a password is badly maintained/known/etc.|||If I thought real hard I could possibly imagine a more serious design flaw, but I don't have the time right now...|||funny thing is, that these programs are often so bad that the passwords are easy to guess :)|||but I don't have the time right now...

Since when?

Anyway...don't have such a thin skin...you in IT?

Better get used to it...this is a good place (doesn't show up on the review)

Anyway, Are you talking about application, SQL Server, Or Mixed Security?

I wasn't sure.

And of all of these, only SQL Server security might need to be maintained by the admin...the rest should be done by the user.

What gives?|||P.S.

You didn't think that was funny?

You gotta just get used to it...and since he doesn't know you...how could it be personal?

It's just bd'ness...|||Sorry jcwc888, but you also have to realize you are not the first person to post the question "How do I find out a user's password" on this forum.

Passwords in SQL Server (as in most secure applications) are stored using a one-way encryption algorithm. That means you can't decipher them even if you know the algorithm that was used.|||Sorry jcwc888, but you also have to realize you are not the first person to post the question "How do I find out a user's password" on this forum.

Passwords in SQL Server (as in most secure applications) are stored using a one-way encryption algorithm. That means you can't decipher them even if you know the algorithm that was used.

If you're talking about SQL Server security...then I beg to differ...(the part about not finding out id's and passwords).

But I'm no snitch...|||...Yup, have in my possession a couple (at least) of thingies that would do a pretty good job hacking an SA password. In our 120+ server environment managed to identify a couple of thousands of WEAK passwords for non-SA accounts (SA has a pretty good xx-character pwd).

But that's not the issue. In 6.5 world it was VERY easy, I didn't even save the script because it's too easy to reproduce. In 7.0 and 2K it won't work because as blindman said, it's a "one-way encryption algorithm", so without resetting it you may want to become a hacker for a couple of days (may take longer, depends on the hacking weapon you choose ;))|||What qualified as "weak" passwords? Just the usual "November01", "MyUserName + 01" type of crap?|||Actually worse, when Login=Password or Login=NULL_PASSWORD|||Weak?

That's like a martini left in ice for an hour...

bleach
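
An added example, not part of the thread: a defender's audit for the two weak-password cases named above (blank password, password equal to the login name), followed by the forced reset the earlier replies describe. It assumes SQL Server 2005 or later (`sys.sql_logins`, `PWDCOMPARE`, `ALTER LOGIN`); `app_login` is a hypothetical login name and the password is a placeholder.

```sql
-- Added example (not from the thread). Assumes SQL Server 2005 or later.
-- Run as a sysadmin / CONTROL SERVER principal: password_hash is not
-- visible to ordinary logins.

-- 1. Audit: SQL logins whose password is blank or equal to the login name.
--    PWDCOMPARE hashes the candidate and compares it with the stored hash;
--    the stored hash itself is never reversed.
SELECT  l.name,
        CASE
            WHEN PWDCOMPARE('', l.password_hash) = 1     THEN 'blank password'
            WHEN PWDCOMPARE(l.name, l.password_hash) = 1 THEN 'password = login name'
        END                                          AS finding,
        l.is_disabled,
        l.is_policy_checked,       -- 0 = Windows password policy not enforced
        l.is_expiration_checked,   -- 0 = password never expires
        LOGINPROPERTY(l.name, 'PasswordLastSetTime') AS password_last_set
FROM    sys.sql_logins AS l
WHERE   PWDCOMPARE('', l.password_hash) = 1
   OR   PWDCOMPARE(l.name, l.password_hash) = 1
ORDER BY l.name;

-- 2. Remediate a flagged (or forgotten) login by resetting it, not by
--    recovering it. [app_login] is a hypothetical name; replace the
--    placeholder password. Any application that stores this credential
--    must be updated to the new value at the same time.
ALTER LOGIN [app_login]
    WITH PASSWORD = N'<new-strong-password>',
         CHECK_POLICY = ON;
```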
