Click or drag to resize

SA0090 : SQL Server password policy is vulnerable for login

The topic describes the SA0090 analysis rule.

Message

SQL Server password policy is vulnerable for login

Description

The rule checks SQL logins for having any of password policy or password expiration not enabled.

Consider enabling both 'Enforce password policy' and 'Password expiration' for all SQL Server logins.

Scope

The rule has a ContextOnly scope and is applied only on current server and database schema.

Parameters
NameDescriptionDefault Value
IgnoreLogins

Comma separated list of SQL logins which to be ignored.

-

Remarks

The rule requires Analysis Context. If context is missing, the rule will be skipped during analysis.

Categories

Maintenance Rules, Security Rules

Additional Information
See Also

Other Resources