SQL Server Cleartext 'sa' Account 'NULL' Password Authentication (deprecated)

high Nessus Network Monitor Plugin ID 1121

Synopsis

The remote database has set the Administrator password to NULL.

Description

The remote SQL server allows logins with the 'sa' password set to NULL.

Solution

Require the SQL server to utilize an encrypted login and ensure that passwords are not trivially guessed.

Plugin Details

Severity: High

ID: 1121

Family: Database

Published: 8/20/2004

Updated: 1/15/2016

Nessus ID: 10862