Randolph West does a switcharoo:
Dave is referring to the Microsoft Docs page for
PWDENCRYPT(), which has been deprecated for some time. Unfortunately, although the recommended replacement isHASHBYTES(), there isn’t an example on either page of how to replicate the functionality ofPWDENCRYPT().So, borrowing from Sebastian Meine who wrote an article titled Hash Algorithms – How does SQL Server store Passwords?, this is how you can replicate the functionality of
PWDENCRYPT()to create a login, using theHASHBYTES()function instead:
If this is what you have, so be it…but an algorithm like bcrypt or scrypt would be so much better for this purpose than SHA2 or SHA3. That means using a third party library for it but there are plenty for React, .NET, Python, etc.
What I’d give to see scrypt in SQL Server for auth…