Q

Not allowing TEAM-SQL users to log in with SQL Server authentication

My company is looking to use a product called TEAM-SQL by Alexsys. Our security standard is to use Windows authentication, but the TEAM-SQL product is set up to use SQL Server authentication. What could some of the repercussions be if we did not allow TEAM-SQL users to log in with SQL Server authentication?
You lose some of the "nice" features of single-sign on authentication that Windows Authentication allows. It also means that you need to be vigilant to watch for multiple failed password attempts in your SQL server logs. Filter through your logs with your favorite text grabbing tool (GREP or similar) and look for failed attempts at SQL logins -- these could indicate a brute-force intruder. Also, make sure that your password policy extends to SQL. While your Active Directory tree may ENFORCE password complexity, it is up to your users to choose an equally complex password for their SQL logins.
This was first published in April 2005

Dig deeper on SQL Server Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchBusinessAnalytics

SearchDataCenter

SearchDataManagement

SearchAWS

SearchOracle

SearchContentManagement

SearchWindowsServer

Close