My company is looking to use a product called TEAM-SQL by Alexsys. Our security standard is to use Windows authentication, but the TEAM-SQL product is set up to use SQL Server authentication. What could some of the repercussions be if we did not allow TEAM-SQL users to log in with SQL Server authentication?
You lose some of the "nice" features of single-sign on authentication that Windows Authentication allows. It also means that you need to be vigilant to watch for multiple failed password attempts in your SQL server logs. Filter through your logs with your favorite text grabbing tool (GREP or similar) and look for failed attempts at SQL logins -- these could indicate a brute-force intruder. Also, make sure that your password policy extends to SQL. While your Active Directory tree may ENFORCE password complexity, it is up to your users to choose an equally complex password for their SQL logins.
Dig deeper on SQL Server Security
Learn why SQL Server 2000 connection is lost on the client side when database administrator changes 'SA' password on the SQL Server domain.continue reading
Find how to create a SQL Server 2000 login account and then set user account rights to specific databases with "db_owner."continue reading
Learn how to create a SQL Server user authentication schema having password and tracked data changes requirements and how it involves Windows ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.