As follows:
Security baseline item description: on the property of the user security checks, including an empty password, the password update

Steps:
1, find an empty Password: Select the name and the Password from syslogins where Password null order by name
A total of 12 passwords to NULL check to the following name:
# # # # MS_AgentSigningCertificate
# # # # MS_PolicySigningCertificate
# # # # MS_SmoExtendedSigningCertificate
# # # # MS_SQLAuthenticatorCertificate
# # # # MS_SQLReplicationSigningCertificate
# # # # MS_SQLResourceSigningCertificate
XXXX \ Administrator
The NT AUTHORITY \ SYSTEM
NT Service \ MSSQLSERVER
NT SERVICE \ SQL
NT SERVICE \ SQLWriter
NT SERVICE \ Winmgmt

2, in the login name and select the NT AUTHORITY \ SYSTEM, NT Service \ MSSQLSERVER, NT Service \ SQL users, such as
Then right click "properties" - "conventional" - check the "old password specified", enter the password to determine, according to the step 1 again to find, found that is still a blank password,

Two problems:
1, how to modify it as required 12 name password??
2, login name all show only 10, and there are 2 has set a strong password, why there are 12 user name password is NULL??

CodePudding user response:

I and you said the first priority, # # is essentially a built-in system account, not to the user, it is null values, the actual password is not empty, it is through the program instructions to call
Nt of heading, all is the built-in user system services, and in particular service program execution system hierarchy and calls,

You forced to set them on the password, but complains, even lead to essentially a malfunction,

CodePudding user response:

Is ah, don't understand the safety baseline setting,
You see the Internet set the first 2.1.2, basic has, to cancel an empty password, get depressed,
https://wenku.baidu.com/view/13fc8f703086bceb19e8b8f67c1cfad6195fe98e.html

reference 1st floor morliz son hin reply:

I and you said the first priority, # # is essentially a built-in system account, not to the user, it is null values, the actual password is not empty, it is through the program instructions to call
Nt of heading, all is the built-in user system services, and in particular service program execution system hierarchy and calls,

You forced to set them on the password, but complains, even lead to essentially a malfunction,

CodePudding user response:

I went through this article, don't know what is the meaning,
A library database server, did not depend on the needs of the network database services, disable all these essentially a built-in account and add password, or have the effect of its value,
And no. 6, 2018, I suspect that the actual content is in accordance with the 2000 version of the database,

Copy what it wants to study or research for your university? I can't see what is the value

CodePudding user response:

Is this: the owner units came B/S architecture was black,
Now requires the SQL SERVER is configured, conform to the requirements of the most basic safety management
Then the owner will be online to send me some of the configuration requirements, asked to complete the basic security configuration,
Cannot use an empty password sa request, this is understandable;
Is essentially a built-in account with password, worry about empty password be attacked?

reference morliz son hin reply: 3/f

I went through, the article, don't know what is the meaning,
A library database server, did not depend on the needs of the network database services, disable all these essentially a built-in account and add password, or have the effect of its value,
And no. 6, 2018, I suspect that the actual content is in accordance with the 2000 version of the database,

Copy what it wants to study or research for your university? I can't see what is the value significance

CodePudding user response:

As far as I know, in addition to sa and users to establish account, can set a password,
NT service built-in account and # # account password, cannot be set,
Microsoft officials are not allowed, you can have a try,

It this article, I think there are some misleading, don't need to set up these accounts,