How can Windows authentication be safer then SQL authentication
Tony Johansson
This question assume we use SQL Server 2005 or SQL server 2008.
All claim that using Window authentication to access a sql server database
is safer then using SQL authentication.
For me I would say that using SQL authentication would be safer because of
the text below.
I mean that to access a SQL Server database it's enought to have a valid
window account on that server.
Assume we want to use SQL Server and we install it on server X. Then if we
want to use Window authentication
we must have a valid window account on that server but if we choose to use
SQL authentication we must create an
account/password in the sql server database.
Can somebody tell me the reason why using window authentication is safer
then using SQL authentication.
How can you prevent a person to access SQL server using window
authentication that also have a window account on the same server where SQL
server is installed
//Tony
Balaji
Not all valid windows users on the server get access to the SQL Server. Only
users belonging to certain windows groups which have access to SQL Server
are allowed to login to SQL Server.
Regards, Balaji
"Tony Johansson" <johansson...@telia.com> wrote in message
news:ZZtOm.12952$U5.1...@newsb.telia.net...
Uri Dimant
If that account is member of Administrator role on the machine that SQL
Server runs , so you CANNOT
The princip depends upon the data access needs of your domain users, group
them into different global groups in the domain and then consolidate these
global groups from all the trusted domains into the Windows Server local
groups in your SQL Server computer then grant access to log into the SQL
Server
I am sure you are aware of above
Also there is anothe argument of using WA rather than Mixed
http://dimantdatabasesolutions.blogspot.com/2007/04/sql-or-windows-authentication.html
"Tony Johansson" <johansson...@telia.com> wrote in message
news:ZZtOm.12952$U5.1...@newsb.telia.net...
Erland Sommarskog
> This question assume we use SQL Server 2005 or SQL server 2008.
> All claim that using Window authentication to access a sql server database
> is safer then using SQL authentication.
> For me I would say that using SQL authentication would be safer because of
> the text below.
> I mean that to access a SQL Server database it's enought to have a valid
> window account on that server.
>
> Assume we want to use SQL Server and we install it on server X. Then if
> we want to use Window authentication we must have a valid window account
> on that server but if we choose to use SQL authentication we must create
> an account/password in the sql server database.
>
> Can somebody tell me the reason why using window authentication is safer
> then using SQL authentication.
Windows authentication is considered safer, because Windows is better
protected against brute-force attacks and it is more difficult to sniff
a password with a line-listener.
Although, starting with SQL 2005 on Win2003 and later, you can have the
same protection as in Windows against brute-force attacks, and you can
also apply Windows policy to passwords.
To login with SQL Server with SQL authentication, all you need is a
username and a password and TCP/IP access. To login to SQL Server with
Windows authentication, you first need to log into Windows.
> How can you prevent a person to access SQL server using window
> authentication that also have a window account on the same server where
> SQL server is installed
Simple. You don't grant that person or any group he is member of access to
SQL Server.
If the person has adminsitrator rights on the machine, you should drop
the login BUILTIN\Administrators. (But before this, ensure that some other
Windows user has sysadmin rights in SQL Server, or else you may be in
trouble.)
--
Erland Sommarskog, SQL Server MVP, esq...@sommarskog.se
Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx