Part VI: Securing Your SQL Server
Best Practice
When changing to SQL authentication and Windows Authentication mode, always remember to create
a strong password for the sa account.
Windows authentication has several advantages:
■ Central account management and account policy enforcement through Active Directory.
■ Support for Active Directory groups.
■ Single sign-on experience for Windows authenticated users. You do not need to enter a login name and password to connect to SQL Server.
■ Less surface area, making it more secure against additional vulnerabilities and exploits.
Windows authentication has several disadvantages as well:
■ Non-Windows domain account authentication is not supported.
■ No support exists for legacy applications that require SQL authentication.
SQL Authentication
SQL Server authentication enables users to specify a login name and password to connect
to a SQL Server database. The login name and password are created, stored, and managed in
SQL Server.
When an instance is configured for SQL Authentication mode, SQL authentication is
enabled alongside Windows authentication. Both Windows and SQL logins are
supported.
SQL Authentication mode enables the default sa account. It is important to assign a strong
password to the sa account.
Best Practice
If no requirement exists for the sa account to be active, you should always assign a strong password
and disable it to prevent malicious attacks that target the sa account.
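The following T-SQL is an added example, not code from the book: it audits the authentication mode and the state of the sa login, then assigns a new password and disables the login. It assumes a sysadmin session; the password literal is a placeholder to replace, and the login is looked up by its fixed SID so the script still works if sa has been renamed.

```sql
-- Added example (not from the book). Run as a member of sysadmin.

-- 1. Report the authentication mode of the instance.
SELECT CASE SERVERPROPERTY('IsIntegratedSecurityOnly')
         WHEN 1 THEN 'Windows Authentication mode'
         ELSE 'SQL Server and Windows Authentication mode'
       END AS authentication_mode;

-- 2. Audit the sa login. It always has SID 0x01, even after a rename.
SELECT name,
       is_disabled,
       is_policy_checked,          -- 1 = Windows password policy enforced
       is_expiration_checked,
       CASE WHEN PWDCOMPARE(N'', password_hash) = 1
            THEN 1 ELSE 0 END      AS has_blank_password,
       LOGINPROPERTY(name, 'PasswordLastSetTime') AS password_last_set
FROM sys.sql_logins
WHERE sid = 0x01;

-- 3. Assign a strong password and disable the login.
--    Placeholder password: replace it before running.
DECLARE @sa   sysname       = (SELECT name FROM sys.sql_logins WHERE sid = 0x01);
DECLARE @pwd  nvarchar(128) = N'<REPLACE-WITH-LONG-RANDOM-PASSWORD>';
DECLARE @stmt nvarchar(max) =
      N'ALTER LOGIN ' + QUOTENAME(@sa)
    + N' WITH PASSWORD = ' + QUOTENAME(@pwd, '''')   -- quoted as a string literal
    + N', CHECK_POLICY = ON; '
    + N'ALTER LOGIN ' + QUOTENAME(@sa) + N' DISABLE;';
EXEC sys.sp_executesql @stmt;

-- 4. Verify: is_disabled should now be 1.
SELECT name, is_disabled, is_policy_checked
FROM sys.sql_logins
WHERE sid = 0x01;
```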