Re: Expire passwords
From: Uttam Parui[MS] (uttamkp_at_online.microsoft.com)
Date: 08/11/03
- Next message: Uttam Parui[MS]: "RE: Always prompted for pwd confirmation"
- Previous message: Uttam Parui[MS]: "Re: Authentication mode questions"
- In reply to: Sue Hoegemeier: "Re: Expire passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 11 Aug 2003 08:06:48 GMT
Whenever possible, you should require Windows Authentication Mode for
connections to SQL Server. This will shield your SQL Server installation
from most Internet-based attacks by restricting connections to Microsoft
Windows® user and domain user accounts. Your server will also benefit from
Windows security enforcement mechanisms such as stronger authentication
protocols and mandatory password complexity and expiration. Also,
credentials delegation (the ability to bridge credentials across multiple
servers) is only available in Windows Authentication Mode. On the client
side, Windows Authentication Mode eliminates the need to store passwords,
which is a major vulnerability in applications that use standard SQL Server
logins.
For more things to do to secure your SQL Server 2000, visit
http://www.microsoft.com/sql/techinfo/administration/2000/security/securings
qlserver.asp
Regards,
Uttam Parui
SQL Server Developer Support Engineer, MCDBA, MCSE, MCT
Product Support Services
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights.
Are you secure? For information about the Strategic Technology Protection
Program and to order your FREE Security Tool Kit, please visit
http://www.microsoft.com/security.
- Next message: Uttam Parui[MS]: "RE: Always prompted for pwd confirmation"
- Previous message: Uttam Parui[MS]: "Re: Authentication mode questions"
- In reply to: Sue Hoegemeier: "Re: Expire passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
