Security : SQL Server Passwords

To securely use SQL Server, Microsoft recommends using Windows Integrated Security. In Windows Integrated Security mode, passwords are never stored as your Windows Domain sign-on is used as the security identifier to the database server.
Password and login ID of a registered SQL Server user in Enterprise Manager for SQL Server can be easily retrieved using SQL DMO (Distributed Management Object). Create file SQLPasswords.vbs and open it in Notepad. Add the following code and save it:

Dim pApplication
Set pApplication = CreateObject("SQLDMO.Application")
Call EnumGroups(pApplication.ServerGroups)
Sub EnumGroups(ByVal pGroups)
Dim pServerGroup 
Dim pRegServer 
For Each pServerGroup In pGroups 
 If pServerGroup.RegisteredServers.Count > 0 Then 
  Msgbox "Group :" & pServerGroup.Name 
  For Each pRegServer In pServerGroup.RegisteredServers
   Msgbox "Name:" & pRegServer.Name
   Msgbox "Login:" & pRegServer.Login
   Msgbox "Password:" & pRegServer.Password
 End If
 If pServerGroup.ServerGroups.Count > 0 Then
  Call EnumGroups(pServerGroup.ServerGroups)
 End If
End Sub

the script and this will retrieve the passwords of registered servers using your account. If the ‘Always prompt for login name and password’ checkbox is not set when registering a SQL Server, the login ID and password is weakly encrypted and stored in the following registry key: HKEY_CURRENT_USERSOFTWAREMicrosoftMSSQLServerSQLEWRegistered Server X.

How SQL Server stores passwords (SQL accounts) : See article at

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s