SQL Server Performance, DBA Best Practices & Enterprise Data Solutions | MyTechMantra
FacebookXPinterestEmailGoogle+LinkedInWhatsApp
Home » SQL Server » How to Change SQL Server Login Properties to Enforce Password Policies and Expiration Settings
DBASQL ServerSQL Server Troubleshooting

How to Change SQL Server Login Properties to Enforce Password Policies and Expiration Settings

Ashish Kumar Mehta
2 min read

How to set SQL Server Password Policy | Set SQL Password Policy

This article demonstrates the steps to create an SQL Server Login which enforces password policies and password expiration policies.

Let us start by creating a new SQL Server Login.

1. Using SQL Server Management Studio, connect to SQL Server Instance.

2. Expand Security, and right click Logins to choose New Login… option from the popup menu to open up Login dialog box as shown in the snippet below.

3. In Login dialog box, you will be able to see checks boxes for Enforce Password Policy and Enforce Password Expiration as highlighted in the snippet below. If you select those check boxes while creating the new SQL Server logins, then the SQL Server will leverage the Windows password policies set by the windows administrator across the organization. Click OK to create the SQL Server Login with Public server role.

Create SQL Server Login and Enforce Password Policy and Enforce Password Expiration
Create SQL Server Login and Enforce Password Policy and Enforce Password Expiration

Where I will be able to see the Password Policies?

1. Navigate to Start | Control Panel | Administrative Tools | Local Security Policy or Run SECPOL.MSC from Command Prompt.

2. To review the local policies on the machine expand Security Settings | Account Policies | Password Policy as shown in the snippet below.

Local Security Settings Password Policy
Local Security Settings Password Policy

Enforce Password Policy SQL Server | SQL Server Password Requirements

If the SQL Server Password is not changed within the Maximum Password Age window then it will be expired. You will be able to see the below mentioned error message with in SQL Server Error Log. This can result in an unplanned downtime for your applications hence you should make sure you change password before the password expiration age in a planned way.

Error Message

Logon Error: 18487, Severity: 14, State: 1. 
Logon Login failed for user 'Login Name'. Reason: The password of the account has expired.

Conclusion

In this article you have seen how to leverage Windows Polices to enforce password policies and password expiration for SQL Server Logins.

Ashish Kumar Mehta

Ashish Kumar Mehta is a distinguished Database Architect, Manager, and Technical Author with over two decades of hands-on IT experience. A recognized expert in the SQL Server ecosystem, Ashish’s expertise spans the entire evolution of the platform—from SQL Server 2000 to the cutting-edge SQL Server 2025.

Throughout his career, Ashish has authored 500+ technical articles across leading technology portals, establishing himself as a global voice in Database Administration (DBA), performance tuning, and cloud-native database modernization. His deep technical mastery extends beyond on-premises environments into the cloud, with a specialized focus on Google Cloud (GCP), AWS, and PostgreSQL.

As a consultant and project lead, he has architected and delivered high-stakes database infrastructure, data warehousing, and global migration projects for industry giants, including Microsoft, Hewlett-Packard (HP), Cognizant, and Centrica PLC (UK) / British Gas.

Ashish holds a degree in Computer Science Engineering and maintains an elite tier of industry certifications, including MCITP (Database Administrator), MCDBA (SQL Server 2000), and MCTS. His unique "Mantra" approach to technical training and documentation continues to help thousands of DBAs worldwide navigate the complexities of modern database management.

View all posts

You may also like

Follow us

Don't be shy, get in touch. We love meeting interesting people and making new friends.