Securing SQL Server: CHECK_Expiration for SQL Server logins
source link: https://stevestedman.com/2023/05/securing-sql-server-check_expiration-for-sql-server-logins/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Securing SQL Server: CHECK_Expiration for SQL Server logins
The CHECK_EXPIRATION option is a security feature of SQL Server that allows you to enforce password expiration for SQL Server logins. When this option is set to ON for a login, it requires the login to change its password after a certain period of time has passed.
Setting the CHECK_EXPIRATION option to ON for all SQL authenticated logins within the sysadmin role is an important security measure because it helps to ensure that the passwords of users who have administrative privileges on the database server are regularly changed. This can help to reduce the risk of password-related attacks, such as brute force attacks or password cracking.
To set the CHECK_EXPIRATION option to ON for all SQL authenticated logins within the sysadmin role, you can use the following T-SQL command:
USE [master];
GO
ALTER LOGIN [sysadmin_login] WITH CHECK_EXPIRATION = ON
This command will enable the CHECK_EXPIRATION option for the specified sysadmin login. It is important to note that this will not affect other logins, or logins that are not within the sysadmin role.
SELECT *
FROM sys.sql_logins
WHERE is_expiration_checked = 0
AND name NOT LIKE '##%';
Setting the CHECK_EXPIRATION option to ON for all SQL authenticated logins within the sysadmin role is an important security measure that can help to ensure that the passwords of users who have administrative privileges on the database server are regularly changed. This can help to reduce the risk of password-related attacks and improve the overall security of your SQL Server installation.
Want to learn more about securing your SQL Server, take a look at my free white paper on sever steps to help harden your SQL Server.
Securing SQL Server Whitepaper.
Steve and the team at Stedman Solutions are here for all your SQL Server needs.Contact us today for your free 30 minute consultation..
We are ready to help!
Recommend
-
34
WebAuthn Approved As Web Standard for Password-Free Logins...
-
38
OpenSSH, the most popular utility for connecting to and managing remote servers, has announced today plans to drop support for its SHA-1 authentication scheme. The OpenSSH team cited security concerns with the SHA-...
-
13
Departure of a SQL Server Administrator – What to Check? A SQL Server administrator has left. B...
-
11
Non-Interactive Logins to vSphere 7 with Tanzu Clusters December 1, 2020 0 By
-
13
Closed Bug 1650645 Opened 6 months ago Closed 10 days ago...
-
9
Closed Bug 1613620 Opened 11 months ago Closed 1 month ago...
-
10
Logins failed when /etc/motd grew too big My school got into the whole networking thing rather early. It had a bunch of coaxial cable run through the tunnels between buildings. It would surface just long enough to make a stop at...
-
10
last command in Linux with ExamplesThis last command guide is a follow-up of my previous 90 Linux Commands frequently used by Linux Sysadm...
-
13
Superfeedr sends logins in plain-text (a HSTS case study)
-
4
How To Check Your Chromebook's Expiration Date (And Why It's Important To Know)
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK