By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
My company is looking to use a product called TEAM-SQL by Alexsys. Our security standard is to use Windows authentication, but the TEAM-SQL product is set up to use SQL Server authentication. What could some of the repercussions be if we did not allow TEAM-SQL users to log in with SQL Server authentication?
You lose some of the "nice" features of single-sign on authentication that Windows Authentication allows. It also means that you need to be vigilant to watch for multiple failed password attempts in your SQL server logs. Filter through your logs with your favorite text grabbing tool (GREP or similar) and look for failed attempts at SQL logins -- these could indicate a brute-force intruder. Also, make sure that your password policy extends to SQL. While your Active Directory tree may ENFORCE password complexity, it is up to your users to choose an equally complex password for their SQL logins.