Versions Compared

Old Version 6

changes.mady.by.user Nadja Pollard

Saved on

compared with

New Version 7

changes.mady.by.user Daniela Villalobos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. In the menu options, click Tools > Configure Weak Password Detection.
    Image Added
  2. Select Enable weak password detection. SQL Secure uses a default list with over 2400+ words. In the Detection Settings you can:
    • Add new words to the default list by typing the additional words or phrases separated by a semicolon in the Additional Passwords textbox. If you want to access the Default Passwords list, click View Default Password List.
    • Customize the password analysis by importing a custom list. For this purpose, type the name of the list file (text file *.txt) or click the ellipsis button  to to browse a file in your computer. Format the text file such that each word or phrase is located on a separate line. If you want to view the imported list, click View Custom Password List.To specify a different text file, click Remove List, and then add the new file.
  3. Click OK.

...

As SQL Secure analyzes the password health of your SQL logins, it records one of the following results. These findings are displayed in the corresponding Login Properties window and the Login Vulnerability report.

Password health resultsWhat it means
BlankThe password for this login is either blank or null, which means no password is required for authentication or successful connection to databases hosted by your audited SQL Server instances.
Matches login nameThe password for this login matches the name of the login.
N/AThe password for this login was not checked, most likely because either the login is a Windows user account or weak password detection is disabled.
OKThis login most likely has a strong password because the password does not match any of the words and phrases in the Default Weak Passwords list or the additional and custom passwords you specified.
WeakThe password for this login matches one or more of the words and phrases in the Default Weak Passwords list or the additional and custom passwords you specified.

About password detection

When weak password detection is disabled, SQL Secure stops collecting password health data. All previously collected data remains stored in the SQL Secure Repository database and can be evaluated using your policy assessments. For future assessments, SQL Secure will no longer report on whether any SQL login passwords are considered weak but it will continue to report on whether a password is blank.

...