Microsoft® SQL Server® 2012 Bible


Chapter 32: Authentication Types in SQL Server



SQL authentication has several advantages:

■ Backward compatibility for applications that require SQL logins and passwords
■ Support for environments with mixed operating systems, where not all users are authenticated by a Windows domain
■ Ability to deploy SQL Server databases as part of applications that require preset SQL Server logins

SQL authentication has several disadvantages:

■ Increased surface area, making it more vulnerable to attacks and exploits
■ Additional login name and password required for users to remember
■ Limited amount of available password policies
■ Additional overhead maintaining and synchronizing SQL logins and passwords across multiple SQL Servers


Differences Between SQL and Windows Authentication


Windows authentication is the recommended authentication method for SQL Server. It is
superior to Mixed mode because the user does not need to learn yet another password and
because it leverages the security design of the network.

Using Windows authentication means that users must exist as Windows users to be recognized
by SQL Server. The Windows security identifier (SID) is passed from Windows to SQL Server.

Windows authentication is robust in that it authenticates not only Windows users, but also
users within Windows user groups.

When a Windows group is accepted as a SQL Server login, any Windows user who is a member
of the group can be authenticated by SQL Server. Access, roles, and permissions can be
assigned for the Windows group, and they apply to any Windows user in the group.

Best Practice


If the Windows users are already organized into groups by function and security level, using those
groups as SQL Server users provides consistency and reduces administrative overhead.
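
The following T-SQL is an added example, not code from the book. It checks which authentication mode an instance uses, inventories SQL logins against Windows logins and groups, and then accepts a Windows group as a login. The group CONTOSO\SalesAnalysts and the database SalesDB are hypothetical names.

```sql
-- Added example; CONTOSO\SalesAnalysts and SalesDB are hypothetical names.

-- 1. Authentication mode of the instance:
--    1 = Windows authentication only, 0 = Mixed mode (SQL logins accepted).
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- 2. Inventory server logins by type:
--    S = SQL login, U = Windows user, G = Windows group.
SELECT name, type_desc, is_disabled, create_date
FROM sys.server_principals
WHERE type IN ('S', 'U', 'G')
ORDER BY type_desc, name;

-- 3. Enabled SQL logins that are exempt from the Windows password policy
--    or from password expiration. Each row is a login whose password
--    strength depends entirely on whoever set it.
SELECT name, is_policy_checked, is_expiration_checked
FROM sys.sql_logins
WHERE is_disabled = 0
  AND (is_policy_checked = 0 OR is_expiration_checked = 0);

-- 4. Accept a Windows group as a SQL Server login. No password is stored
--    in SQL Server; membership is managed in the Windows domain.
CREATE LOGIN [CONTOSO\SalesAnalysts] FROM WINDOWS;
GO

-- 5. Map the group into a database and assign permissions once, at the
--    group level. They apply to every Windows user in the group.
USE SalesDB;
GO
CREATE USER [CONTOSO\SalesAnalysts] FOR LOGIN [CONTOSO\SalesAnalysts];
ALTER ROLE db_datareader ADD MEMBER [CONTOSO\SalesAnalysts];
GO

-- 6. Review which Windows accounts gain access through the group.
EXEC master..xp_logininfo 'CONTOSO\SalesAnalysts', 'members';
```

Rerun steps 2, 3, and 6 periodically: access granted through a group changes whenever the group's Windows membership changes, without any change inside SQL Server.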
