In SQL Server 2022-based applications, is there any specified minimum and maximum length requirements for passwords. Also is this length vary from 2019 version.

Mahesh Kumar 20 Reputation points
2024-02-08T04:51:47.9533333+00:00

I am creating an application and I am using SQL server 2022, and I am giving password whose length is in between 3-5. But I am getting error like length of password is too short.
This error is not observed when I am using SQL server 2019 and using password of same length.

SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
12,323 questions
{count} votes

Accepted answer
  1. ZoeHui-MSFT 30,881 Reputation points
    2024-02-09T02:41:32.94+00:00

    Hi @Mahesh Kumar, SQL Server can use Windows password policy mechanisms. The password policy applies to a login that uses SQL Server authentication, and to a contained database user with password.

    SQL Server can apply the same complexity and expiration policies used in Windows to passwords used inside SQL Server. This functionality depends on the API.NetValidatePasswordPolicy

    Regards,

    Zoe Hui


    If the answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Olaf Helper 39,181 Reputation points
    2024-02-08T07:36:33.61+00:00

    But I am getting error like length of password is too short.

    SQL Server don't have it's own password policy, it uses the policy of the Windows domain and if an admin decided, passwords must have a longer length the 5 characters, then your app has to follow that policy. See https://learn.microsoft.com/en-us/sql/relational-databases/security/password-policy?view=sql-server-ver16

    0 comments No comments