Cracking MS SQL Server passwords
by Volker Weber
The inner workings of the undocumented pwdencrypt() hash function in Microsoft SQL Server have been revealed in a paper by security researcher David Litchfield of Next Generation Security Software (NGSS).
Thus security through obscurity fails again.