Suppose you have ever lost a SQL database Password and want to know how to recover it. In that case, this article will provide all the possible successful ways for recovering the SQL server database user password. Microsoft has created SQL Server Management Studio (SQL Server), a Relational Database Management System (RDBMS). It is used to store SQL (Structured Query Language) code that creates database files, stores all the information in it, and is managed to be retrieved whenever necessary.

Reasons to recover the password of the SQL server user database:

  1. The password is lost or forgotten by the SQL Server SA.
  2. All logins belonging to the role of the sysadmin were removed mistakenly.
  3. The SA account is disabled or locked because of entering the wrong password.
  4. Logins that belong to previous employees who left the organization are not accessible.

Because of these reasons, it is necessary to recover the SQL SA password. So now, let’s move forward to know the essential steps for the recovery process:

How to recover SQL Server SA password?

The default user created for the database server is “SA,” and it is an administrator account. “SA” stands for “SQL Administrator.” There are three measures which can be used to recover SQL database password:

By Authentication of Windows

  1. If the given database is already enabled for Windows Authentication, one can sign in to the server without entering a password. However, the SQL server’s password can be easily changed after logging in. If Windows Authentication is not available, reset the password using Single-User Mode or use Command Prompt.
  2. SSMS should be downloaded and installed. SSMS is a user interface that allows you to change various aspects of your SQL Server settings in a window instead of a Command Prompt. Steps for installing SSMS are as follows:
  • In a browser, navigate to the SSMS installation page.
  • Click on the Download SQL Server. Management Studio 17.6 link.
  • Double-click on the downloaded SSMS setup file.
  • To install SSMS, follow the on-screen prompts.
  1. Open SSMS. Into the Start button, type “SQL server management studio.” At the top of the Start window, click on Microsoft SQL Server Management Studio 17.
SQL server management studio

4. Press the “Authentication” drop-down box for the correct authentication, then from the menu, select “Windows Authentication.”

  1. Press the “connect” button. If you are allowed to use Windows Authentication for your account, this will log you in to your server’s dashboard.
connect to the server’s dashboard
  1. Extend the folder of the server. If the directory of your server on the upper-left side of the window has no multiple options below it, press the “+” icon on the left to extend it.
the “+” icon on the left to extend it
  1. Below the server name, there is a security folder available; expand it.
  2. Below the security folder, there is a “Login” folder; expand it.
  3. Within the “Logins” group of options, double click on the “SA folder.” The System Administrator properties window will open next.
  4. Enter a new password in “Password” and the “Confirm password” text fields at the top of the window.
  5. At the bottom of the window, click “OK.” At last, the password will successfully be changed to a new one and then close the properties window.

By Single-User Mode:

  1. Even if you have locked your account, you can add a user and give them administrator permissions by using the Command Prompt. The new user’s credentials can be used to log into your SQL Server account after doing this. From there, you can update your SA password.
  2. SSMS should be downloaded and installed. SSMS is a user interface that allows you to change various aspects of your SQL Server settings in a window instead of a Command Prompt. Steps for installing SSMS are as follows:
  • In a browser, move to the SSMS installation page.
  • Click on Download SQL Server Management Studio 17.6 link.
  • Double-click on the downloaded SSMS setup file.
  • To install SSMS, follow the on-screen prompts.
  1. In administrator mode, open Command Prompt. Visit the Start window, then perform the following:
  • Type command prompt.
  • Right-click Image titled Windowscmd1.png Command Prompt.
  • Click on “Run as administrator.”
  • Click “Yes” when prompted.
  1. Stop SQL Instance: Type net stops MSSQLSERVER and click enter to stop the currently running SQL services.
  2. Again start SQL in Single-User Mode. To start SQL, type net start MSSQLSERVER -m “SQLCMD” and click Enter.
  • You will not see any indication at this stage that you are operating in single-user mode, but the term “The SQL Server < MSSQLSERVER > service has been successfully launched” will appear.
  1. SQL Connect: To open the SQL command line, type “sqlcmd” and click enter.
  2. Create a new user and password: Type below commands in the SQL command line: Type “CREATE LOGIN name WITH PASSWORD=’password’ where “name” is indicating the account name and “password” is indicating the new password.
  3. Click Enter.
  4. Next, type “GO” and click Enter.
  5. Adding a new user to the System Administrator role: Type SP_ADDSRVROLEMEMBER name,’ SYSADMIN’; where “name” indicates the account name, click Enter. Now type “GO” and click enter.
  6. Again start SQL in regular mode. By typing “net stop MSSQLSERVER && net start MSSQLSERVER,” you can cancel Single-User Mode and click Enter. (Note: You will see “The SQL Server service started successfully,” and then you can close Command Prompt.)
  7. Open SSMS and then into the Start button type SQL server management studio. At the top of the Start window, click on Microsoft SQL Server Management Studio 17.
  8. Click on the “Authentication” drop-down box for the correct authentication. In the menu, select SQL Server Authentication.
  9. Sign in with the new user’s details. Next, click on the “Login” drop-down box, then press on the user’s name just created.
  10. Password Enter: In the “Password” text box near the bottom of the window, type the user’s password.
  11. Click on the “connect” button. If you are allowed to use Windows Authentication for your account, this will log you in to your server’s dashboard.
  12. Extend the folder of the server. If the directory of your server on the upper-left side of the window has no multiple options below it, press the “+” icon on the left to extend it.
  13. Below the server name, there is a security folder available; expand it.
  14. Below the security folder, there is the “Login folder”; expand it.
  15. Within the “Logins” group of options, double-click on the SA folder. The System Administrator properties window will open next.
  16. A password field is there at the top of the window. Enter a new password in the “Password” and the “Confirm password” text fields.
  17. At the bottom of the window, click OK. At last, the password will successfully be changed to a new one and then close the properties window.

By Using Hashcat Tool

  1. We will start by installing Hashcat from this https://hashcat.net/hashcat/ page. Download and extract the file.
  2. Double-click on the Hashcat folder and create a file named Hashes.txt. Open the file and enter the SQL hashes which are the same for SQL Server 2005, 2008, and 2008 R2. Copy and paste the following hashes:

0x01003E68286EA70F9E6726E09CA1E90751A49C95354DF4A1D6E8 0x0100E8AD828763D96E4FBF45D2DB223940DCCA99B2EBFD03DEC0 0x0100C0CA0FE0B2CBD8B39898725BE10D68E22DEE10CDBE21AD55 0x01001A9DF738F670CFC1520E2E9E7FE414BCC3805254C6970D5F

  1. Now open a SQL server instance and run the following query:

-- Requires VIEW permission on the login. -- When requesting the password hash, also requires CONTROL SERVER permission select name, LOGINPROPERTY(sys.syslogins.name,'PasswordHash') as password_hash from sys.syslogins where LOGINPROPERTY(sys.syslogins.name,'PasswordHash') is not NULL or -- Any SQL Server authentication login can see their login name, -- and the sa login. To see other logins requires ALTER ANY LOGIN, -- or permission on the login. select name, password_hash from sys.sql_logins

  1. Open a DOS prompt and “cd ” and then enter the following command:

hashcat-cli64.exe -a 3 --pw-min=2 --pw-max=12 -m 131 -p : -o "C:\Users\Divya\Desktop\hashcat-0.49/SQL_passwords.txt" -n 2 "C:\Users\galbin\Desktop\hashcat-0.49/Hashes.txt" -1 ?l?u?d?s ?1?1?1?1?1?1?1?1?1?1?1?1

(Note: change Divya to your name)

  1. EULA will pop up. Press “Enter” and accept the EULA by typing in “YES.”
  2. Now the tool starts working. Press “Enter” to get a status screen.
  3. Soon a new file called SQL_passwords.txt will be created. It comprises a list of recovered passwords listed by the hashes, and the passwords are separated from their hashes by a colon.

MYSQL Server Password Recovery1-An Expert Solution

This utility helps to recover the SQL SA password quickly. By replacing the original password, it sets a new password for user accounts in SQL Server. These methods can crack any passwords, whether encrypted or unencrypted. So, if you face some complications with the above-mentioned manual measures, you can go with an expert solution.

Summary

We have explained all the manual tricks for the “how to recover SQL database password” problem. And also a direct approach that quickly recovers SQL passwords. This helps the user recover SQL passwords using a paid and accessible tool.

References:

  1. https://www.sysinfotools.com/recovery/sql-server-password-recovery.php

Start learning with Cybrary

Create a free account

Related Posts

All Blogs