Auditing Failed Logins in SQL Server

Submitted by: @import:stackexchange-dba

Problem

Are there ways to understand which password was entered when connecting to my server?

Solution

The password is never recorded. If it were, it would be the first place a hacker would check for clues about correct passwords.

By default, TDS (Tabular Data Stream, the network protocol used by SQL Server) encrypts SQL Server secured passwords before sending them over the network. If Active Directory logins are used with Kerberos authentication (the default), the client doesn't even send an encrypted version of the password over the wire; instead, it sends proof of the Kerberos ticket to the server for authentication. This means you cannot even sniff network traffic to determine what password has been tried.

Context

StackExchange Database Administrators Q#205059, answer score: 3
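
What SQL Server does record for a failed login can be captured with a server audit on `FAILED_LOGIN_GROUP`. The following T-SQL is an added example, not part of the original answer; the audit names and the `D:\SqlAudit\` folder are hypothetical and must be adapted to a directory the SQL Server service account can write to.

```sql
USE master;
GO

-- Hypothetical audit target: a folder writable by the SQL Server service account.
CREATE SERVER AUDIT FailedLoginAudit
    TO FILE (FILEPATH = N'D:\SqlAudit\', MAXSIZE = 100 MB, MAX_ROLLOVER_FILES = 10)
    WITH (QUEUE_DELAY = 1000, ON_FAILURE = CONTINUE);
GO

-- Capture every failed login attempt at the server level.
CREATE SERVER AUDIT SPECIFICATION FailedLoginAuditSpec
    FOR SERVER AUDIT FailedLoginAudit
    ADD (FAILED_LOGIN_GROUP)
    WITH (STATE = ON);
GO

-- The audit itself is created disabled; switch it on.
ALTER SERVER AUDIT FailedLoginAudit WITH (STATE = ON);
GO

-- Review the individual events. LGIF is the action_id for a failed login.
-- The row carries the time (UTC), the login name that was tried, the error
-- text and an XML detail document; no column holds the attempted password.
SELECT event_time,
       server_principal_name,
       statement,
       additional_information
FROM sys.fn_get_audit_file(N'D:\SqlAudit\FailedLoginAudit*.sqlaudit', DEFAULT, DEFAULT)
WHERE action_id = 'LGIF'
ORDER BY event_time DESC;

-- Summarise failures per login name over the last 24 hours to spot
-- repeated guessing against one account.
SELECT server_principal_name,
       COUNT(*)        AS failed_attempts,
       MIN(event_time) AS first_seen_utc,
       MAX(event_time) AS last_seen_utc
FROM sys.fn_get_audit_file(N'D:\SqlAudit\FailedLoginAudit*.sqlaudit', DEFAULT, DEFAULT)
WHERE action_id = 'LGIF'
  AND event_time >= DATEADD(HOUR, -24, SYSUTCDATETIME())
GROUP BY server_principal_name
ORDER BY failed_attempts DESC;
```

The login name is stored exactly as the client sent it, so a password typed into the user name field by mistake will appear in these rows. Restrict access to the audit folder accordingly.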