Re: Is my password visible when opening a standard user connection from visual basic?

From: Ron Talmage (rtalmage@prospice.com)
Date: 10/31/02 

From: "Ron Talmage" <rtalmage@prospice.com>
Date: Thu, 31 Oct 2002 10:16:14 -0800

Roel,

By default SQL Server's communication from client to server is not
encrypted. You can use the Multiprotocol network library to enforce
encription (see the Server Network Utility), or use Windows 2000 encryption.

Ron 

--
Ron Talmage
SQL Server MVP
"Roel Schreurs" <schreurs_roel@hotmail.com> wrote in message
news:321ebdef.0210310732.1102a55a@posting.google.com...
> Hi all,
>
> My Visual Basic application uses ADO to connect to a SQL Server 7. I
> am opening a connection for a user that has a standard login (not an
> NT user). I have to supply the username an password in the statement:
>
> Dim myConnection As Connection
>
>   Set myConnection = New Connection
>
>   myConnection.Open "<connect_string>", "<user_name>", "<password>"
>
> Can this password be seen on the network with some packet sniffer or
> anything? If so, is there a way to avoid this?
>
> With the related problem of using an application role, the visibility
> of the password can be avoided by modifying the tSQL statement from
>
>   EXEC sp_setapprole '<user_name>', '<password>'
>
> into
>
>   EXEC sp_setapprole '<user_name>', {Encrypt N '<password>'}, 'odbc'
>
> Is there something similar?
>
> Thanks in advance,
>
> Roel Schreurs
Quantcast