Ask the Expert

Not allowing TEAM-SQL users to log in with SQL Server authentication

My company is looking to use a product called TEAM-SQL by Alexsys. Our security standard is to use Windows authentication, but the TEAM-SQL product is set up to use SQL Server authentication. What could some of the repercussions be if we did not allow TEAM-SQL users to log in with SQL Server authentication?

    Requires Free Membership to View

You lose some of the "nice" features of single-sign on authentication that Windows Authentication allows. It also means that you need to be vigilant to watch for multiple failed password attempts in your SQL server logs. Filter through your logs with your favorite text grabbing tool (GREP or similar) and look for failed attempts at SQL logins -- these could indicate a brute-force intruder. Also, make sure that your password policy extends to SQL. While your Active Directory tree may ENFORCE password complexity, it is up to your users to choose an equally complex password for their SQL logins.

This was first published in April 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: