Skip to content

Failed Login: SQL Server Error 18456

Understanding and Resolving SQL Server Error 18456

If you’ve worked with SQL Server for any length of time, you’re likely familiar with the dreaded “Login failed for user” error, officially known as Error 18456. This error typically occurs when there’s an authentication failure, but it doesn’t always provide the clearest explanation of what went wrong. Many DBAs encounter this issue, but understanding why it happens and how to resolve it can save you hours of troubleshooting.

In this blog post, I’ll break down what SQL Server Error 18456 means, why it occurs, how to troubleshoot it based on the error state codes, and how to prevent this error from happening in the future.

What is SQL Server Error 18456?

Error 18456 occurs when a user or application attempts to connect to SQL Server, but the login attempt fails due to incorrect authentication. The error looks something like this in the SQL Server Error Log:

Error: 18456, Severity: 14, State: 1.Login failed for user 'username'. Reason: Could not find a login matching the name provided. [CLIENT: <ip_address>]

The Severity: 14 indicates a security-related issue, while the State codes provide more granular information on why the login failed. Unfortunately, the generic error message doesn’t tell you much by itself, so looking at the state codes in the SQL Server Error Log becomes crucial for troubleshooting.

Common Reasons for Error 18456

While Error 18456 may seem vague, the associated State code is key to diagnosing the specific cause of the login failure. Below are the most common state codes and what they indicate:

  • State 1: This is a generic message, typically returned when SQL Server intentionally hides the underlying reason for the failure. State 1 errors are often logged to obscure details from unauthorized users. You’ll need to check the SQL Server error log for more context, as it could indicate anything from incorrect credentials to security restrictions.
  • State 2: This state occurs when a user tries to connect to a specific database that either doesn’t exist or is offline. For instance, if a user’s default database has been deleted or taken offline, SQL Server will fail the login. This state often points to configuration issues, such as an incorrect connection string in the application or changes in the database environment.
  • State 5: This state indicates that the login name does not exist in SQL Server. You’ll often see this error if you’re trying to connect with a username that hasn’t been created on the instance or if there’s a typo in the login name.
  • State 6: This error occurs when the user doesn’t have permission to access the requested database. This might happen if the user doesn’t have the necessary permissions in the target database or if the database is restricted to certain users only. Double-check the user’s roles and permissions in the target database.
  • State 7: The login failed because the SQL Server login is disabled, or there’s no associated user account in the database. This error often occurs in scenarios where the login exists in SQL Server, but either the login itself is disabled or the login lacks access to any databases. This can also happen with Windows authentication logins if the associated Windows account doesn’t have the correct privileges.
  • State 8: This is one of the most common state codes and indicates that the password entered is incorrect. The login attempt fails because SQL Server is rejecting the password during authentication. SQL Server passwords are case-sensitive, so ensure that the correct password is being entered, particularly in applications where the password may have been hardcoded incorrectly.
  • State 9: This state occurs when there’s a mismatch between the type of authentication requested by the user and the authentication mode supported by SQL Server. For example, if SQL Server is set to Windows Authentication mode and a user attempts to log in with SQL Server Authentication, Error 18456 will occur. Ensure the authentication mode matches the login type being used.
  • State 11: This state means that while the login is valid, the login doesn’t have permissions to access the server. This often happens when a login is created but hasn’t been assigned to any roles or given access to any databases. The user needs to be granted access to the appropriate databases or roles.
  • State 12: Similar to State 11, this state indicates that the login is valid but lacks permission to access the target database. This could be due to changes in the database or security configuration, such as removing the user from database roles or security groups.
  • State 13: This state code is logged when the SQL Server service is paused and unable to accept new connections. In this case, you’ll need to resume the SQL Server service to allow connections to be made.
  • State 18: This state occurs when the login fails because the user’s password has expired. In SQL Server, passwords are subject to expiration policies, and if a password expires, the user will be required to reset it before they can log in again. If this occurs for an application login, you may need to reset the password and update the connection strings in the application.
  • State 38: This error state is triggered when the default database for the login is unavailable or offline. If the default database is not accessible, the login attempt will fail. To fix this, either restore or bring the default database online, or change the default database for the login to one that is available.
  • State 58: This state indicates that SQL Server is in the process of shutting down, and thus new connections cannot be made. Wait for the shutdown process to complete or restart SQL Server to resolve this issue.

Real-World Examples of SQL Server Error 18456

Let’s look at a couple of real-world scenarios where Error 18456 occurred and how it was resolved.

Example 1: Application Login Failing Due to Expired Password (State 18)

In this case, a client contacted us because their critical business application suddenly stopped working after years of running smoothly. The application used a SQL Server login for database access, but the login was failing with Error 18456 and State 18. After reviewing the error log, we determined that the password for the SQL Server login had expired, which was causing the application to fail its authentication attempts.

To resolve the issue, we reset the password for the SQL Server login, updated the connection string in the application with the new password, and restarted the application services. This restored the application’s functionality immediately. As a preventive measure, we set up an alert to notify the client 30 days before any future password expirations, ensuring they can take action before the problem occurs again.

Example 2: Failed Logins After Database Migration (State 38)

Another client was migrating their databases to a new SQL Server instance. After the migration was completed, some of the users were unable to log in and were receiving Error 18456 with State 38. Upon investigation, we discovered that the default database for the affected logins was set to the old instance, which had been decommissioned after the migration.

To fix this, we updated the default database for the affected logins to the new instance’s database. Once this change was made, the users were able to successfully connect to the SQL Server instance without any further issues. This situation emphasizes the importance of checking all database settings post-migration, including login configurations.

Troubleshooting SQL Server Error 18456

Here’s a step-by-step guide to troubleshooting and resolving Error 18456:

  1. Check the SQL Server Error Log: Start by reviewing the SQL Server Error Log, which provides more detailed information about the login failure, including the state code. This will help pinpoint the exact issue.
  2. Verify Credentials: Ensure the login name and password are correct, especially if the error is occurring in an application connection string. Passwords are case-sensitive, so double-check for typos.
  3. Authentication Mode: Make sure SQL Server is configured for the correct authentication mode (Windows Authentication, SQL Server Authentication, or Mixed Mode) depending on the type of login you are using.
  4. Account Status: Verify that the account isn’t locked out or disabled. If necessary, re-enable the login and test the connection again.
  5. Check Default Database: If the state code indicates an issue with the default database (State 2 or State 38), ensure that the default database exists and is accessible, or change the default database to one that is online.
  6. Permission Issues: If the error indicates a permissions issue (States 6, 11, or 12), review the user’s access permissions and roles within SQL Server and the specific database.
  7. Expired Password: If the password has expired (State 18), reset the password either through SQL Server Management Studio (SSMS) or using T-SQL commands, and ensure the connection strings in your applications are updated accordingly.

Proactive Prevention: How Stedman Solutions Can Help

SQL Server Error 18456 is a common but often preventable issue with the right monitoring and management practices in place. At Stedman Solutions, we offer proactive SQL Server management and monitoring through our Managed Services. Our Team uses Database Health Monitor to provide continuous surveillance of your SQL Server environment, alerting us to potential login failures, authentication issues, and other performance problems before they escalate.

With our Managed Services, you can enjoy peace of mind knowing that your SQL Server environment is being monitored 24/7 by experts who can detect and resolve issues like Error 18456 quickly and efficiently. In addition, we offer regular security reviews to ensure your authentication settings, user permissions, and access controls are optimized to prevent future login failures.

Learn more about how our Managed Services can help you avoid errors like 18456 and keep your SQL Server running smoothly by visiting Stedman Solutions.

Conclusion

SQL Server Error 18456 can be frustrating, but it doesn’t have to be a mystery. By understanding the different state codes and following a structured troubleshooting process, you can quickly identify and resolve login failures. Whether it’s a misconfigured default database, an expired password, or a permissions issue, each state code offers valuable clues for pinpointing the problem.

If you’re dealing with frequent login failures or other recurring issues in your SQL Server environment, consider taking advantage of our Managed Services to help monitor and maintain your systems. With proactive monitoring and expert support from Stedman Solutions, you can focus on your business while we ensure your SQL Server is running at its best.

If you’ve encountered Error 18456 and need help resolving it, don’t hesitate to reach out to Stedman Solutions for expert SQL Server support!

sql server managed services ssms

Find out more about our SQL Server Managed Services from Stedman Solutions.

Schedule a time to discuss how Stedman Solutions can help.

Getting Help from Steve and the Stedman Solutions Team
We are ready to help. Steve and the team at Stedman Solutions are here to help with your SQL Server needs. Get help today by contacting Stedman Solutions through the free 30 minute consultation form.

Contact Info for Stedman Solutions, LLC. --- PO Box 3175, Ferndale WA 98248, Phone: (360)610-7833
Our Privacy Policy