When you think ASP, think...
Recent Articles
All Articles
ASP.NET Articles
Related Web Technologies
User Tips!
Coding Tips

Sample Chapters
JavaScript Tutorials
MSDN Communities Hub
Official Docs
Stump the SQL Guru!
XML Info
Author an Article
Print this page.
The SQL Guru Answers your Questions...

Today's question comes from Andy.

I need a way to validate a SQL Users password. The only way I have come up with is to try to access the server, then if it fails the user isn't validated. There must be a better way. I've tried running a query on both the syslogin table and the sysxlogin table with converting the password the various data types. I didn't think it would work, but tried anyway. Do you have any ideas?

Hi Andy,

The password in syslogins is encrypted, so there really is no way you can get to it. I don't understand why you are trying to reinvent the wheel though. The whole point of the SQL Users password is to allow/disallow access to the server. If this fails, it's up to the client application to handle the failure gracefully and issue an error message to the user. I think you should be focusing on handling the issue of a clean login using the existing SQL Server functionality, rather than rewriting SQL's login process :)

Another thing, have you considered using NT Security to handle user authentication. This could provide a transparent login procedure to the end-user, while you can rest assured that only authorised users are accessing the database. (You have to be using NT on the client machines to implement this though).

Good luck,


Read Other SQL Guru Questions

ASP.NET [1.x] [2.0] | ASPFAQs.com | Advertise | Feedback | Author an Article