Forum Discussion
Password Expiration Behavior
If I set check_expiration = on for a SQL authenticated login, will the user get prompted to change their password either:
- after it expires
- just before it expires
- not at all
I can't force a login's password to EXPIRED or else I'd test it myself and I've not found any documentation on what happens once IsExpired flips to 1.
3 Replies
SQL Server uses the same password policies as the domain.
You can query it
LOGINPROPERTY (Transact-SQL) - SQL Server | Microsoft Learn
=> DaysUntilExpiration
That's not my question. Neither am I on a domain. The SQL logins in question are on an Azure Managed Instance and in this case, Entra ID is not an option.
My end users can't run that query. I need to know if they will have a chance to reset their own passwords should they expire.
All I'm able to find is this text:
When SQL Server enforces password expiration policy, users are reminded to change old passwords, and accounts that have expired passwords are disabled.
Password Policy - SQL Server | Microsoft Learn
It doesn't say anything about at which point users start getting reminders.
From what I can see, once the password has expired, they need assistance from someone with sufficient privileges to reset the password and enable the account again.
