asked
Does a backup contain more than the data? Can someone read passwords from it?
I have question what actually a backup contains is it **more than a data or logs**.If it is more than that can anybody read passwords from it.
The backup has everything that is stored in the database. It's a bit by bit copy of everything that defines the database. User database would not have passwords. The backup of the master database would have passwords in it. But, they're encrypted. You couldn't just read them out of the backup.
The original question was about SQL 2008; however, what about a partially contained database in SQL 2012+? Granted, those would also be encrypted...
Assuming the passwords are in a table within the database, if you don't take steps to encrypt the passwords or secure your backups, yes in theory someone could steal the backup file, restore it and then subsequently read passwords. Transparent Data Encryption would help to solve that problem as well as column level encryption. Hope that helps!
Ah, I assumed SQL logins. But yeah, if you're storing any information in the database, the backup will have that stuff. A third party tool like SQL Backup can encrypt just the backups, not requiring TDE (which can be a little problematic). Also, SQL Server 2014 has backup encryption now.
16 People are following this question.
