2

How do you unlock a login on Azure Sql?

I have a login which has become locked due to too many bad login attempts. I tried unlocking the user with the standard command.

ALTER LOGIN [lockedAccount] WITH PASSWORD = 'xxxx' unlock 

This returns the error - Keyword or statement option 'unlock' is not supported in this version of SQL Server.

SSMS does not give me an option to unlock it either.

Is there any way to unlock the account?

5
  • 1
    Have you attempted resetting the master administrator password? I posted an answer how to do that, here. Not sure if it'll help, but is worth a try. Commented Nov 12, 2015 at 3:57
  • The master account is not locked. I have a secondary account which my application uses to log in with which is what is locked. Commented Nov 12, 2015 at 6:04
  • I think it's ALTER LOGIN [lockedAccount] ENABLE Commented Nov 12, 2015 at 16:27
  • 1
    That does not work either. I did discover that the account does auto unlock after around 10 minutes. I don't have the exact timing down yet. It gets locked after 9 failed attempts. Commented Nov 12, 2015 at 17:53
  • It all depends on how you setup security. You can setup a contained database in which the user/password is in the database. Or you can have a login/password in [master] that redirects to the user in the database. Commented Nov 16, 2015 at 22:53

2 Answers 2

2

This is by design - you aren't hitting password policy lock out, but you are hitting Azure SQL Databases denial of service functionality to help prevent brute force password attacks and unauthenticated denial of service attacks. See #6 on https://azure.microsoft.com/en-us/blog/sql-azure-connectivity-troubleshooting-guide/. The only solution is to wait as you discovered and try again.

Sign up to request clarification or add additional context in comments.

Comments

1

There is a dynamic property under Server Parameters in Azure Database for PostgreSQL server that is called connection_throttling (it enables temporary connection throttling per IP for too many invalid password login failures).

It could be turned off in order to establish connection faster and turned back on afterwards.

1 Comment

Great answer! This worked for us. We turned it off, saved, tested, it worked, and then went back in right away and turned it back on, and it still worked.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.