My company is looking to use a product called TEAM-SQL by Alexsys. Our security standard is to use Windows authentication, but the TEAM-SQL product is set up to use SQL Server authentication. What could some of the repercussions be if we did not allow TEAM-SQL users to log in with SQL Server authentication?
You lose some of the "nice" features of single-sign on authentication that Windows Authentication allows. It also means that you need to be vigilant to watch for multiple failed password attempts in your SQL server logs. Filter through your logs with your favorite text grabbing tool (GREP or similar) and look for failed attempts at SQL logins -- these could indicate a brute-force intruder. Also, make sure that your password policy extends to SQL. While your Active Directory tree may ENFORCE password complexity, it is up to your users to choose an equally complex password for their SQL logins.
Dig Deeper on SQL Server Security
When encrypting SQL tables that have joins in SQL Server 2000, learn about possible problems that may arise with different data values in those ...continue reading
Learn how to set a SQL Server password to an SA login and why you can not set this account for access to separate SQL Server databases.continue reading
Learn why SQL Server 2000 connection is lost on the client side when database administrator changes 'SA' password on the SQL Server domain.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.