Results 1 to 8 of 8
  1. #1
    Join Date
    Oct 2004
    Posts
    30

    Question Unanswered: Password Changes in SQLServer

    Is there a way to find out if a user has not changed his/her passord in more than 90 days. I need to find the date of last password change and days since last password changes.

    Thanks in Advance.

  2. #2
    Join Date
    Feb 2004
    Location
    In front of the computer
    Posts
    15,579
    Provided Answers: 54
    The only way that I know to do this is to create a table with three columns, one for the login name, one for the current (hashed) password, and one for the date the last change was detected. Periodically (probably daily) check to see if there are either new logins or new password values.

    -PatP

  3. #3
    Join Date
    Jul 2003
    Location
    San Antonio, TX
    Posts
    3,662
    Well, I wouldn't say that that's the only way. In fact, all you need is 2 columns, login and lastchanged. I've gone a little further and modified 3 system procedures, - sp_password, sp_addlogin, and sp_droplogin by implementing password aging and compexity. By having the table above you can incorporate UPDATE, INSERT, and DELETE into/from it respectively.
    "The data in a record depends on the Key to the record, the Whole Key, and
    nothing but the Key, so help me Codd."

  4. #4
    Join Date
    Feb 2004
    Location
    In front of the computer
    Posts
    15,579
    Provided Answers: 54
    You've got a point, but modifying system supplied stored procedures or triggers will get you a reserved seat in the "naughty" section in my opinion. I wouldn't consider recommending that, and probably wouldn't permit it in any environment that I can control.

    -PatP

  5. #5
    Join Date
    Nov 2002
    Location
    Jersey
    Posts
    10,322
    Just use trusted connections
    Brett
    8-)

    It's a Great Day for America everybody!

    dbforums Yak CorralRadio 'Rita
    dbForums Member List
    I'm Good Once as I ever was

    The physical order of data in a database has no meaning.

  6. #6
    Join Date
    Jul 2003
    Location
    San Antonio, TX
    Posts
    3,662
    Quote Originally Posted by Pat Phelan
    You've got a point, but modifying system supplied stored procedures or triggers will get you a reserved seat in the "naughty" section in my opinion. I wouldn't consider recommending that, and probably wouldn't permit it in any environment that I can control.

    -PatP
    There are no system triggers. Modifying system stored procedures? If you know what you're doing, and if your Change Management process is in place, - I see no problem with that. After all, it's those modifications that prompted Yukon development team to implement...well, you'll see it in the next CTP.
    "The data in a record depends on the Key to the record, the Whole Key, and
    nothing but the Key, so help me Codd."

  7. #7
    Join Date
    Nov 2002
    Location
    Jersey
    Posts
    10,322
    Come on...you can say it.....

    Better yet, if you're interested download 2005 BOL
    Brett
    8-)

    It's a Great Day for America everybody!

    dbforums Yak CorralRadio 'Rita
    dbForums Member List
    I'm Good Once as I ever was

    The physical order of data in a database has no meaning.

  8. #8
    Join Date
    Jul 2003
    Location
    San Antonio, TX
    Posts
    3,662
    Too much inaccurate info there. It hasn't matched a single Beta-2 built yet
    "The data in a record depends on the Key to the record, the Whole Key, and
    nothing but the Key, so help me Codd."

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •