SA0090 : SQL Server password policy is vulnerable for login
The topic describes the SA0090 analysis rule.
SQL Server password policy is vulnerable for login
The rule checks SQL logins for having any of password policy or password expiration not enabled.
Consider enabling both ‘Enforce password policy’ and ‘Password expiration’ for all SQL Server logins.
The rule has a ContextOnly scope and is applied only on current server and database schema.
Comma separated list of SQL logins which to be ignored.
The rule requires Analysis Context. If context is missing, the rule will be skipped during analysis.
Maintenance Rules, Security Rules