Recover Sa Password

Recover sa password

The best way is to simply reset the password by connecting with a domain/local admin (so you may need help from your system administrators), but this only works if SQL Server was set up to allow local admins (these are now left off the default admin group during setup).

If you can't use this or other existing methods to recover / reset the SA password, some of which are explained here:

• Disaster Recovery: What to do when the SA account password is lost in SQL Server 2005
• Is there a way I can retrieve sa password in sql server 2005
• How to recover SA password on Microsoft SQL Server 2008 R2

Then you could always backup your important databases, uninstall SQL Server, and install a fresh instance.

You can also search for less scrupulous ways to do it (e.g. there are password crackers that I am not enthusiastic about sharing).

As an aside, the login properties for sa would never say Windows Authentication. This is by design as this is a SQL Authentication account. This does not mean that Windows Authentication is disabled at the instance level (in fact it is not possible to do so), it just doesn't apply for a SQL auth account.

I wrote a tip on using PSExec to connect to an instance using the NT AUTHORITY\SYSTEM account (which works < SQL Server 2012), and a follow-up that shows how to hack the SqlWriter service (which can work on more modern versions):

• Recover access to a SQL Server instance
• More on Recovering Access to a SQL Server Instance

And some other resources:

• Connect to SQL Server When System Administrators Are Locked Out

• Leveraging Service SIDs to Logon to SQL Server Instances with Sysadmin Privileges

Is there a way I can retrieve sa password in sql server 2005

There is no way to get the old password back. Log into the SQL server management console as a machine or domain admin using integrated authentication, you can then change any password (including sa).

Start the SQL service again and use the new created login (recovery in my example)
Go via the security panel to the properties and change the password of the SA account.

Now write down the new SA password.

How do you reset the sa password?

You can follow the steps mentioned in the link below to reset the SA password:

• Disaster Recovery: What to do when the SA account password is lost in SQL Server 2005

Steps summarised below:

1. Open SQL Server Configuration Manager from Start Menu > Programs > Microsoft SQL Server 20xx > Configuration Tools > relevant to the newest version of SQL Server you have installed (e.g. if you have 2005 and 2012 installed, use the 2012 version). Don't have a Start Menu? On Windows 8's Start screen, start typing SQL Server Con... until it shows up.
2. Stop the SQL Server instance you need to recover by right-clicking the instance in SQL Server Services and selecting "Stop"
3. Right-click the instance you just stopped, click Properties, and in the “Advanced” tab, in the Properties text box add “;–m” to the end of the list in the “Startup parameters” option (on newer versions, you can go directly to the "Startup Parameters" tab, type "-m" and click Add, without worrying about the syntax, the semi-colon, or anything else).
4. Click the “OK” button, and restart the SQL Server Instance
5. After the SQL Server Instance starts in single-user mode, the Windows Administrator account is able to connect to SQL Server using the sqlcmd utility using Windows authentication. You can use Transact-SQL commands such as "sp_addsrvrolemember" to add an existing login (or a newly created one) to the sysadmin server role.

The following example adds the account "Buck" in the "CONTOSO" domain to the sysadmin role:

EXEC sp_addsrvrolemember 'CONTOSO\Buck', 'sysadmin';

Once the sysadmin access has been recovered, remove the “;-m” from the startup parameters using the Configuration Manager and restart the SQL Server instance one more time.

NOTE: make sure there is no space between “;” and “-m”, the registry
parameter parser is sensitive to such typos. You should see an entry
in the SQL Server ERRORLOG file that says “SQL Server started in
single-user mode.”

---

Additional resources:

• Connect to SQL Server When System Administrators Are Locked Out
• Leveraging Service SIDs to Logon to SQL Server 2012 and SQL Server 2014 Instances with Sysadmin Privileges
• Recover access to a SQL Server instance using PsExec

Ultimately, you could always copy the database files to another instance, or even reinstall SQL Server (adding a local account as sysadmin during that process).

Sql Server - How to RECOVER (not reset) 'sa' password

I'm not sure if this applies to SQL server but there is a chance you can not recover the password. Secure authentication methods should never store the plaintext password. Usually it would go like so:

Register with username and password.
Password is converted to a hash using a one way hashing algorithm.
Hash is stored.

Then when logging in:

Supply username and password.
Password is converted to a hash using the same algorithm.
The new hash is compared against the stored hash

If the stored hash and the new hash are equal then it was an authorised login.

Print my sa password

---

WARNING - HORRIFIC PRACTICE

Change your application to use a user OTHER THAN sa, and preferably without sysadmin permissions. Usually database level db_datareader, db_datawriter, and MAYBE db_ddladmin is enough, though it may need a GRANT EXECUTE on the database.

If you can't, then argue some more. In writing.

If you lose again, go change the sa password to a long, strong, cryptographically random password in concert with the application being updated with a new password.

And make sure that instance is used ONLY for that app, so the risk is limited to that one area.

---

Recovering the current sa password

First, you are a sysadmin, aren't you? You should already know the sa password! If you lost twice, just change the sa password on the other instance to that same one (or, better, change them both to something better), through ALTER LOGIN (below) or the GUI.

Second, realize that EVERY USER OF THAT APPLICATION CAN GET YOUR SA PASSWORD - they can almost certainly extract it right out of the application with a hex editor, looking for the string pwd or pass (either UCS-2 "Unicode" or ASCII).

You have the application, right? Consult your local security admins, and see if you're allowed to open it up in a hex editor and find the sa password yourself.

---

Moving the sa password

In general, if you want to move the same password around, you can use

ALTER LOGIN sa PASSWORD = 'hash string' HASHED

to change it.

Do not do this regularly - if someone gets hashes of all your passwords (just like you're getting them), it's better that each one have a unique salt, so the attacker has to spend more work testing against many salts before they start finding passwords.

Do not do this from lower protection to higher protection - SQL Server 2005, 2008, and 2008R2 all use the same algorithm. SQL Server 2012 and 2014 use the same. Don't move a 2005/8/8R2 hash to 2012/14; it's significantly weaker (and 2012/14 password hashing is pathetic to begin with).

Thus, you're better off changing the password to what you want in cleartext, so SQL Server generates a new salt. The password hash is incredibly weak, a single iteration of SHA-1 or SHA-512, so it needs all the help it can get.

how to retrieve a non sa password in SQL Server?

Yes you can for SQL logins.

You read the hashed passwords sys.sql_logins (maybe only via the DAC) and use a tool like NGS SQLCrack.

However, there is almost no requirement ever to keep these in a document.

For Windows based logins, no. The password is in AD.

And read this: "What are the arguments for and against a network policy where the sys admin knows users passwords?"

---

Related Topics