Learn more about SQL Server tools

mssqltips logo
 

Tutorials          DBA          Dev          BI          Career          Categories          Webcasts          Whitepapers          Today's Tip          Join

Tutorials      DBA      Dev      BI      Categories      Webcasts

DBA    Dev    BI    Categories

 
Simplify SQL Server Database Development     ====>    Webcast Registration
 

SQL Server Login Properties to Enforce Password Policies and Expiration


By:   |   Read Comments (1)   |   Related Tips: More > Auditing and Compliance

Problem

For some reason your web site is up, but none of the data is loading on your web site?  Is your SQL Server up and running?  Are you able to access the data with either your Windows account or sa?  What does your SQL Server error log report?  What is the culprit?

Solution

Chances are if the SQL Server error log reports messages of:

Logon Error: 18487, Severity: 14, State: 1.
Logon Login failed for user 'loginname'. Reason: The password of the account has expired. [CLIENT: <named pipe>]

Then the password for the login used in your web application has expired.  SQL Server 2005 introduced 'Enforce password policy' and/or the 'Enforce password expiration' configurations which use the local policies for password length, complexity and expiration.  Depending on how Active Directory, the local policies and your rights are setup, these parameters can be reviewed and changed to dictate how SQL Server uses configurations.

Where can I find the login properties?

  1. Open Management Studio and the object browser.
  2. Navigate to the Security > Logins folder.
  3. Find the login you are interested in reviewing.
  4. Right click on the login and select 'Properties' option.
  5. On the General tab, review the 'Enforce password policy' and the 'Enforce password expiration' configurations.
login name

Where can I find Window password policies?

Under Windows Admistrator Tools lauch Local Security Policy to review the local policies on the machine or you can type "secpol.msc" in the Windows Run box.  Below is what you will see as the options.

local security settings
Next Steps
  • Review your logins to ensure you are aware if they are using the Enforce password policy and/or the Enforce password expiration configurations.
  • Based on initial research, these configurations apply to all editions of SQL Server 2005 and later from Express to Enterprise.
  • Setup an alert to capture when this event occurs to correct it immediately or determine another means to reset the passwords so these policies do not impact your applications.
  • For additional information about the Enforce password policy and/or the Enforce password expiration configurations, reference the Password Policy article in SQL Server Books Online.
  • For additional SQL Server security information check out these tips:


Last Update:


next webcast button


next tip button



About the author
MSSQLTips author Jeremy Kadlec Since 2002, Jeremy Kadlec has delivered value to the global SQL Server community as an MSSQLTips.com co-founder and Edgewood Solutions SQL Server Consultant.

View all my tips
Related Resources





Post a comment or let the author know this tip helped.

All comments are reviewed, so stay on subject or we may delete your comment. Note: your email address is not published. Required fields are marked with an asterisk (*).

*Name    *Email    Email me updates 


Signup for our newsletter
 I agree by submitting my data to receive communications, account updates and/or special offers about SQL Server from MSSQLTips and/or its Sponsors. I have read the privacy statement and understand I may unsubscribe at any time.



    



Tuesday, July 08, 2014 - 11:26:07 AM - shruthi Back To Top

Hello,

 

The Maximum password age is 42 days .Does it mean the password expires in 42 days

 

Thanks,

shruthi

 


Learn more about SQL Server tools