Re: Adding parameterized values. Which is more secure.

From: Raterus (moc.liamtoh_at_suretar.reverse)
Date: 09/10/04 

Date: Fri, 10 Sep 2004 14:17:31 -0400

You would get a better answer on microsoft.public.dotnet.framework.adonet, but I don't think it really matters. Adding the extra values just allows sql server to more efficiently process the parameters, it doesn't do anything more to secure it.

"Ryan Taylor" <rtaylor@stgeorgeconsulting.com> wrote in message news:OEXtPC1lEHA.896@TK2MSFTNGP12.phx.gbl...
> Hello.
>
> Adding some data to a sql server 2000 table. Is the later more secure than
> the former? If so, why?
>
> SqlCommand sqlCmd = new SqlCommand(update, sqlConn);
>
> sqlCmd.Parameters.Add("@hashedPass", user.HashedPassword);
>
>
>
> SqlCommand sqlCmd = new SqlCommand(update, sqlConn);
>
> sqlCmd.Parameters.Add("@hashedPass", SqlDbType.NVarChar, 255).Value =
> user.HashedPassword;
>
>
>
> Thanks in advance.
>
> Ryan Taylor
>
>

Relevant Pages

  • Secure access to a SQL Server database
    ... securely accessing SQL Server. ... script text, computer launched from, user launching. ... the hash value that gets authenticated against the secure table. ... ASP Currently we use SQL Server authentication and stuff something in a ...
    (microsoft.public.sqlserver.security)
  • Re: Best method of saving data between the normal and SSL stuff
    ... I would use a central SQL Server to host both secure and non-secure data. ... > What I want to do is store their completed orders so that they can look at ... > to same http 'hit' DB? ...
    (microsoft.public.inetserver.asp.db)
  • Re: How to prevent my stored procedure code from being decrypted?
    ... > How should I do to secure my code? ... the primary way to protect intellectual property is with license ... this alias are considered for inclusion in future versions of SQL Server. ... > I found some freewares which can decrypt the encrypted stored procedure. ...
    (microsoft.public.sqlserver.security)
  • Re: [Full-disclosure] Database servers on XP and the curious flaw
    ... that by default it's secure. ... received at least 3 emails that have pointed this out that SQL server is ... running database servers on their system. ... >>well if the configuration allows the guest account access to the database. ...
    (Full-Disclosure)
  • Re: Port 1433 is open to internet, how can I secure db?
    ... Security is not only what is in-built into the product, ... organisation needs to be taken into account when considering how secure your ... applies to SQL Server, but the OS and other software that is running on your ... That does not stop a burgular kicking in all the electrical sockets ...
    (microsoft.public.sqlserver.security)