MS SQL Audit / Query Logging

HY 21 Reputation points

Does MSSQL Server 2016 audit logging stores password in clear when I have enter an SQL query that is with the secret/password? Kindly advise.

An example of the sql query:

Create credential XYZuser with identity=’abcdefgh’, secret=’password’

After I run the query, is the secret/password stored in clear in the logs?

Thanks & Regards

SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
12,232 questions
0 comments No comments
{count} votes

Accepted answer
  1. AmeliaGu-MSFT 13,956 Reputation points Microsoft Vendor

    Hi @HY ,
    Please don’t worry about that. SQL Server audit log will not record password clearly.
    Please see this example:
    Best Regards,

    If the answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. 4,301 Reputation points

    No, it doesn't expose passwords in traces or audits. Below is an example from a server audit, where I created a credential:

    SECRET = N'******'

    As you see, it show a number of asterisks instead of the passwords.

    0 comments No comments

  2. HY 21 Reputation points

    Thanks All for the answers.

    0 comments No comments