SQL Server Cleartext 'sa' Account 'sa' Password Authentication (deprecated)

High Nessus Network Monitor Plugin ID 1122

Synopsis

The remote database is configured with easily guessed (or default) Administrative passwords.

Description

The remote SQL server allows logins with the 'sa' password set to 'sa'.

Solution

Require the SQL server to utilize an encrypted login and ensure that passwords are not trivially guessed.

Plugin Details

Severity: High

ID: 1122

File Name: 1122.prm

Family: Database

Published: 2004/08/20

Modified: 2016/01/15

Dependencies: 1109

Nessus ID: 10862

Risk Information

Risk Factor: High