Results 1 to 3 of 3
  1. #1
    Join Date
    Jul 2002
    Posts
    58

    Unanswered: Any way to disable SQL logins after failed tries?

    We're using a canned app that only uses SQL Server logins (it will NOT use Windows logins to access SQL Server)

    SQL Server logins seem to lack even the most rudimentary security features such as expiring passwords and automatic disabling after a set number of failed logins. Bad. Bad Microsoft.

    Has anyone figured out a way to graft this on after-the-fact?

    I can do it in an awkward fashion by auditing failed logins and going back to read the error log, but this isn't real time by any stretch.

  2. #2
    Join Date
    Dec 2002
    Posts
    1,245

    Re: Any way to disable SQL logins after failed tries?

    To the best of my knowledge, there is no innate feature in MS SQL that will allow you manage SQL Server logins as you wish. This lack has been noted before (cross your fingers, MS will deal with this in Yukon).

    We wrote a custom app and created this kind of failed-login checking, but that does not sound like an option for you.

    Can you do something with a scheduled job at the SQL error log (you'd have to enable logging of failed login attempts)?

    I think there is a way to load the error log as a table. Then you could search for failed logins and (if the number exceeded your threshold) disable it.

    I think it's doable, but I have not had the need to accomplish this particular task.

    Regards,

    hmscott

  3. #3
    Join Date
    Nov 2002
    Location
    Jersey
    Posts
    10,322

    Re: Any way to disable SQL logins after failed tries?

    Originally posted by hmscott
    To the best of my knowledge, there is no innate feature in MS SQL that will allow you manage SQL Server logins as you wish. This lack has been noted before (cross your fingers, MS will deal with this in Yukon).

    We wrote a custom app and created this kind of failed-login checking, but that does not sound like an option for you.

    Can you do something with a scheduled job at the SQL error log (you'd have to enable logging of failed login attempts)?

    I think there is a way to load the error log as a table. Then you could search for failed logins and (if the number exceeded your threshold) disable it.

    I think it's doable, but I have not had the need to accomplish this particular task.

    Regards,

    hmscott
    I doubt it...since SQL Server "security" is not the way to go....you can "See" passwords as plain as day....oh, I forgot....M$ describes this as a feature.....
    Brett
    8-)

    It's a Great Day for America everybody!

    dbforums Yak CorralRadio 'Rita
    dbForums Member List
    I'm Good Once as I ever was

    The physical order of data in a database has no meaning.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •