Skip navigation

Everything you ever wanted to know about passwords and then some

Have you ever tried to make sense of how passwords are stored in SQL Server 2005?  It used to be a bit easier in SQL Server 2000.  Back then, the sysxlogins virtual table had a column called password which contained a hashed value of the SQL accounts’ passwords.  Windows’ accounts passwords were always NULL.  Going back to even earlier versions, one of the shameful secrets of SQL Server was that passwords were stored in a clear text file in the SQL Server directory.

Now, in SQL Server 2005, the same information is available from the system function LOGINPROPERTY with a property name of ‘PasswordHash’ as described here:

and here:

In addition, here’s a great KB support article that explains how to move passwords between SQL Servers, even if they are different versions:



Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.