is incorrect, you will receive a message such as the following: Login failed for user 'sa'. It seems that you now have a way to brute-force the sa password! using the sp_addsrvrolemember procedure, which takes as parameters a user and a .