After several failed login attempts, my SQL Server SA account is locked out with the error message: "Login failed for user 'SA' because the account is currently locked out. The system administrator can unlock it. (Microsoft SQL Server, Error: 18486)". How can I unlock the SA account in this case?
From the received error message, the reason why the SA account gets locked out after multiple failed login attempts are because the SQL Server login is configured to use password policy enforcement and account lockout is enabled after a certain number of failed login attempts. Based on this situation, this page is going to show two methods to unlock SQL Server SA account when it's locked out. The methods work on Microsoft SQL Server 2008/2012/2014/2016, etc.
Step 1: Get SQL Password Refixer software installed on your computer.
Step 2: Stop SQL Server Instance service.
Step 3: Launch SQL Password Refxer software.
Step 4: Click Open File, navigate to the path to the master.mdf file, select it, and then click Open to import the file path into the software.
Tips: Typically, SQL Server master database files are located in C:/Program Files(x86)/Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\DATA\master.mdf.
Step 5: It displays a list of all accounts on your SQL Server, click to select the locked sa account, and then click the Reset button.
Step 6: Type a new password in the box and click OK.
Step 7: Once prompted with Password successfully changed, your SQL Server SA password is reset to the new one, and the account gets unlocked in the meantime.
Step 8: Exit SQL Password Refixer software.
Step 9: Start SQL Server service. Then you can successfully connect to SQL Server with SA login.
This method works when Windows Authentication login has been enabled on SQL Server.
Step 1: Open SQL Server Management Studio and select Windows Authentication to login.
Step 2: Go to Security -> Logins -> sa, and double-click on sa account.
Step 3: After sa Login Properties dialog opens, select the General page, uncheck the box beside Enforce password policy, and click OK.
Step 4: Select the Status page, make sure the box besides Login is locked out is unchecked. Then the SA account can be unlocked and you can successfully connect to SQL Server with SA login.
In addition to the two methods above, some people find SA account can automatically unlock after 20 minutes since the lockout. Hence, once SA account is locked out, you might as well wait 20-30 minutes before attempting to login SQL Server.