Saturday, January 20, 2018
SQL Server - Backdoor to SA Account

By Saleem Hakani on 9/21/2014

You are a proud and trusted DBA in your organization, responsible for important services that run on SQL Servers in the production environment. To keep unauthorized users out of production, you have taken the following steps, which are generally regarded as best practices for securing a company's SQL Servers:

You have removed the built-in Windows Administrators login (BUILTIN\Administrators) from the SQL Server logins.

You have removed every member of the SYSADMIN server role except SA, including both Windows accounts and SQL Server logins.

You have set the SA password to something extremely complex that would be hard for anyone to guess or remember.

For day-to-day work on SQL Server, you use your domain user account, which has db_owner (DBO) permissions on the user databases but no SYSADMIN privileges on the instance.

You have not documented the SA password anywhere, so that nobody else can learn it. (Documenting the password would not be good practice in any case.)
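The hardening steps listed above, collected into one T-SQL script with a pre-check and a post-check. This is an added example, not the author's own script; the database name SalesDB, the domain account CONTOSO\dba1 and the password placeholder are assumptions, and the NT SERVICE\ logins are left in SYSADMIN by default because the Database Engine, SQLWriter and WMI provider services use them.

```sql
-- Run this while connected as sa, so that removing your own Windows login
-- from sysadmin in step 2 cannot lock you out before step 4 has run.

-- Step 0: see who currently holds sysadmin before changing anything.
SELECT m.name AS login_name, m.type_desc
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals AS m ON m.principal_id = rm.member_principal_id
WHERE r.name = N'sysadmin'
ORDER BY m.name;
GO

-- Step 1: drop the BUILTIN\Administrators login if it is still present.
IF EXISTS (SELECT 1 FROM sys.server_principals WHERE name = N'BUILTIN\Administrators')
    DROP LOGIN [BUILTIN\Administrators];
GO

-- Step 2: remove every sysadmin member except sa.
-- NT SERVICE\... logins are skipped here (assumption: you have not verified that
-- backups via VSS and the WMI provider can survive without them). Remove them
-- separately once you have checked.
DECLARE @login sysname, @sql nvarchar(max);
DECLARE members CURSOR LOCAL FAST_FORWARD FOR
    SELECT m.name
    FROM sys.server_role_members AS rm
    JOIN sys.server_principals AS r ON r.principal_id = rm.role_principal_id
    JOIN sys.server_principals AS m ON m.principal_id = rm.member_principal_id
    WHERE r.name = N'sysadmin'
      AND m.name <> N'sa'
      AND m.name NOT LIKE N'NT SERVICE\%';
OPEN members;
FETCH NEXT FROM members INTO @login;
WHILE @@FETCH_STATUS = 0
BEGIN
    -- ALTER SERVER ROLE needs SQL Server 2012 or later; on 2008 use sp_dropsrvrolemember.
    SET @sql = N'ALTER SERVER ROLE [sysadmin] DROP MEMBER ' + QUOTENAME(@login) + N';';
    EXEC sys.sp_executesql @sql;
    FETCH NEXT FROM members INTO @login;
END;
CLOSE members;
DEALLOCATE members;
GO

-- Step 3: give sa a long random password (placeholder value; generate your own).
ALTER LOGIN [sa] WITH PASSWORD = N'Replace-With-A-Long-Random-Passphrase-0f3c9a';
GO

-- Step 4: the day-to-day domain account gets db_owner on the user database only,
-- never sysadmin. Database and account names are assumptions for the example.
IF NOT EXISTS (SELECT 1 FROM sys.server_principals WHERE name = N'CONTOSO\dba1')
    CREATE LOGIN [CONTOSO\dba1] FROM WINDOWS;
GO
USE SalesDB;
GO
IF NOT EXISTS (SELECT 1 FROM sys.database_principals WHERE name = N'CONTOSO\dba1')
    CREATE USER [CONTOSO\dba1] FOR LOGIN [CONTOSO\dba1];
ALTER ROLE db_owner ADD MEMBER [CONTOSO\dba1];
GO

-- Step 5: verify. The first query should now list only sa plus any NT SERVICE\
-- logins you chose to keep; in the second, a 1 means the account still holds sysadmin.
SELECT m.name AS login_name
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals AS m ON m.principal_id = rm.member_principal_id
WHERE r.name = N'sysadmin';

SELECT IS_SRVROLEMEMBER('sysadmin', 'CONTOSO\dba1') AS dba1_is_sysadmin;
GO
```

Review the output of step 0 before running the rest: anything that appears there and is not in your change ticket (a forgotten vendor login, an old DBA's account, a group that nests half the company) is exactly what this exercise is meant to find. Run the script in SSMS or sqlcmd, since the GO separators are batch markers rather than T-SQL.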

