Microsoft SQL Server
Microsoftdatabase2 credentials
SQL Server Login Password
microsoft-sql-server / sql-login-password
SQL Server supports SQL Server Authentication when the Database Engine is configured for mixed mode authentication. Microsoft documents creating SQL logins with CREATE LOGIN and PASSWORD, and SQL Server stores password hashes for SQL logins internally.
Looks like
patternCREATE\s+LOGIN\s+\S+\s+WITH\s+PASSWORD\s*=\s*'[^'\r\n]+'(?:Server|Data Source)=[^;\r\n]+;.*(?:User ID|UID)=[^;\r\n]+;.*(?:Password|PWD)=[^;\r\n]+Location
sys.sql_loginscatalog view exposing SQL login metadata and password hash state to privileged users
appsettings.json, web.config, .env files, ODBC DSNs, JDBC URLs, and deployment manifests
MSSQL_SA_PASSWORD, SA_PASSWORD, SQLSERVER_PASSWORD, DB_PASSWORD, DATABASE_URLWindows Credential Manager, cloud secret managers, Kubernetes Secrets, and CI/CD variables
ODBC DSN and application configuration values on Windows hosts
connection strings in application code, migrations, tests, and committed configs
failed connection traces, ORM debug logs, installer logs, and CI output
tcp/1433SQL Server Tabular Data Stream login endpoint
Notes
SQL Server Authentication passwords are user-defined. The sa account is a built-in login name, but a default sa password is not universal and should not be modeled without product- or image-specific sourcing.
Windows / Microsoft Entra Login
microsoft-sql-server / windows-entra-login
SQL Server also supports Windows authentication and Microsoft Entra authentication, where database access is tied to external identity credentials rather than a SQL login password stored in SQL Server.
Location
tcp/1433SQL Server login using integrated Windows or Microsoft Entra authentication
connection strings using Integrated Security, Trusted_Connection, or Entra authentication modes
SQLAUTHENTICATION, AZURE_CLIENT_ID, AZURE_CLIENT_SECRETservice account passwords, managed identity configuration, and cloud identity secrets
ODBC DSNs and service account configuration on Windows hosts
Notes
The credential material may live in Active Directory, Microsoft Entra ID, local service accounts, Kerberos tickets, or client certificates rather than in SQL Server itself.
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.