| title | Strong Passwords | Microsoft Docs | |||||||
|---|---|---|---|---|---|---|---|---|
| ms.custom | ||||||||
| ms.date | 03/14/2017 | |||||||
| ms.prod | sql | |||||||
| ms.prod_service | database-engine, sql-database, sql-data-warehouse, pdw | |||||||
| ms.reviewer | ||||||||
| ms.technology | security | |||||||
| ms.topic | conceptual | |||||||
| helpviewer_keywords |
|
|||||||
| ms.assetid | 338548f4-c4d8-47ca-b597-5c9c0f2fa205 | |||||||
| author | VanMSFT | |||||||
| ms.author | vanto | |||||||
| monikerRange | >=aps-pdw-2016||=azuresqldb-current||=azure-sqldw-latest||>=sql-server-2016||=sqlallproducts-allversions||>=sql-server-linux-2017||=azuresqldb-mi-current |
[!INCLUDEappliesto-ss-asdb-asdw-pdw-md] Passwords can be the weakest link in a server security deployment. Take great care when you select a password. A strong password has the following characteristics:
-
Is at least eight characters long.
-
Combines letters, numbers, and symbol characters within the password.
-
Is not found in a dictionary.
-
Is not the name of a command.
-
Is not the name of a person.
-
Is not the name of a user.
-
Is not the name of a computer.
-
Is changed regularly.
-
Is different from previous passwords.
[!INCLUDEmsCoName] [!INCLUDEssNoVersion] passwords can contain up to 128 characters, including letters, symbols, and digits. Because logins, user names, roles, and passwords are frequently used in [!INCLUDEtsql] statements, certain symbols must be enclosed by double quotation marks (") or square brackets ([ ]). Use these delimiters in [!INCLUDEtsql] statements when the [!INCLUDEssNoVersion] login, user, role, or password has the following characteristics:
-
Contains or starts with a space character.
-
Starts with the $ or @ character.
If used in an OLE DB or ODBC connection string, a login or password must not contain the following characters: [] () , ; ? * ! @ =. These characters are used to either initialize a connection or separate connection values.