Changing the SQL "sa" Login System Administrator Password.

Changing the SQL "sa" Login System Administrator Password.

The SQL "sa" login is a Microsoft provided standard SQL login with administrator permission on the SQL server.

The 'sa' login password would have been created by your system administrator when SQL was first installed.  Your system administrator may have chosen to change the password since it was first created.  If you don't know what the 'sa' login password is, check with your system administrator.  If you want to change the 'sa' login password, you can use the Microsoft provided SQL Server Management Studio (or SQL Server Express Management Studio) to change the password.


  1. Log into Windows as a user with administrator permission to the SQL server on a desktop which has the Microsoft SQL Server Management (or SQL Server Express Management) applications installed. Typically, these applications will be on the SQL server itself, and optionally may have been installed by the system administrator on other desktops.
  2. Open the SQL Server Management Studio (or SQL Server Express Management Studio) application. Microsoft will create a Windows Start menu shortcut for this application under All Programs>Microsoft SQL Server 2005 or Microsoft SQL Server 2008.  
  3. Connect to the SQL Server using Windows Authentication.  When you open the SQL Server Management Studio application, the Connect to Server popup window will display.  Make sure the Server Name drop-down box has the correct name for your SQL server.  In the Authentication drop-down box, select Windows Authentication.  Click Connect.
  4. Expand the tree under the icon with your SQL server name in the SQL Server Management Studio Object Explorer left-hand window.
  5. Expand the Security folder in the SQL Server tree.
  6. Expand Logins folder in the Security tree.
  7. Right-click on 'sa' icon, and select Properties. The Login Properties - sa window will display.
  8. Enter your choice for the password in the Password and Confirm Password fields. Microsoft Windows will typically enforce a password policy which requires you to select a complex password.  When a password policy is enforced, by default the new passwords must meet the following guidelines:
  • The password does not contain all or part of the account name of the user. Part of an account name is defined as three or more consecutive alphanumeric characters delimited on both ends by white space such as space, tab, and return, or any of the following characters: comma (,), period (.), hyphen (-), underscore (_), or number sign (#).
  • The password is at least eight characters long.
  • The password contains characters from three of the following four categories:
  • Latin uppercase letters (A through Z)
  • Latin lowercase letters (a through z)
  • Base 10 digits (0 through 9)
  • Non-alphanumeric characters such as: exclamation point (!), dollar sign ($), number sign (#), or percent (%).
  • Passwords can be up to 128 characters long. You should use passwords that are as long and complex as possible.
  • The password policy enforced for your Windows system may be more or less complex as determined by your system administrator.

  9.  Click OK.  If the password you chose fails the password policy, when you click OK, an error message will display, which includes the message the "Password validation failed.".  In this case, you will have to choose a more complex password, which complies with the policy your system administrator has in place.

ArticleNumber:

000047552