sys.sql_logins (Transact-SQL)

Applies to: SQL Server Azure SQL Database Azure SQL Managed Instance Analytics Platform System (PDW)

Returns one row for every SQL Server authentication login.

Column name Data type Description
<inherited columns> -- Inherits from sys.server_principals.
is_policy_checked bit Password policy is checked.
is_expiration_checked bit Password expiration is checked.
password_hash varbinary(256) Hash of SQL login password. Beginning with SQL Server 2012 (11.x), stored password information is calculated using SHA-512 of the salted password.

For a list of columns that this view inherits, see sys.server_principals (Transact-SQL). The columns owning_principal_id and is_fixed_role is not inherited from sys.server_principals.

Remarks

To view both SQL Server authentication logins and Windows authentication logins, see sys.server_principals (Transact-SQL).

When contained database users are enabled, connections can be made without logins. To identify those accounts, see sys.database_principals (Transact-SQL).

Permissions

SQL Server: Any SQL Server authentication login can see their own login name, and the sa login. To see other logins, requires ALTER ANY LOGIN, VIEW SERVER SECURITY DEFINITION, or a permission on the login.

To view the contents of the password_hash column, CONTROL SERVER or starting with SQL Server 2022, VIEW ANY CRYPTOGRAPHICALLY SECURED DEFINITION permission required. Azure SQL Database: only members of the special database role loginmanager in master or the AAD Admin and Server Admin can see all logins.

The visibility of the metadata in catalog views is limited to securables that a user either owns, or on which the user was granted some permission. For more information, see Metadata Visibility Configuration.

See Also

Catalog Views (Transact-SQL)
Security Catalog Views (Transact-SQL)
Password Policy
Principals (Database Engine)