Assigning an SA Password

Initially, there is no password for the system administrator. After a server is installed, you should assign a password to SA immediately. Do not forget it. If you forget the SA password, you must reinstall SQL Server.

It is not necessary to assign an SA password if the server is set for integrated security only. However, it is recommended that you assign an SA password if the server is set for standard or mixed security. For a discussion of each type of security, see Chapter 8, Security Concepts.

The first time you log in to a newly installed SQL Server, use sa as your login identification and no password. After you log in, use SQL Enterprise Manager or sp_password to change the SA password to prevent other users from using the system administrator's privileges.

If the server is already registered with SQL Enterprise Manager, you can use that tool to change the SA password.

    To use SQL Enterprise Manager to change the SA password on a newly installed server

1. Start SQL Enterprise Manager, and from the Server Manager window, select the server for which you will modify the SA password.
2. From the Server Manager window, open the Logins folder for that server.

   The logins for that server are listed.

3. Double-click the SA login ID.

   The Manage Logins dialog box appears, displaying information about the SA login ID.

   

4. In the Password box, type the new password, and then choose Modify.

   The Confirm Password dialog box appears.

5. In the Confirm New Password box, type the new password.
6. Choose OK.

   The SA password is changed.

You can also use sp_password to change the SA password. Type:

sp_password old_password, new_password [, login_id]

For example, to change the SA password to "rover" on a newly installed server, type:

sp_password null, rover, sa

For more information about sp_password, see the Microsoft SQL Server Transact-SQL Reference.

For more information about the settings you can modify for a login ID, see Part 4, Security.