Re: Why Windows Authentication?

From: Jacco Schalkwijk (jacco.please.reply_at_to.newsgroups.mvps.org.invalid)
Date: 03/30/05

• Next message: pdxJaxon: "Re: Dropping a uniwue clustered index HELP"
• Previous message: Tibor Karaszi: "Re: Why Windows Authentication?"
• In reply to: Tibor Karaszi: "Re: Why Windows Authentication?"
• Next in thread: Jason Mauss: "Re: Why Windows Authentication?"
• Reply: Jason Mauss: "Re: Why Windows Authentication?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 30 Mar 2005 17:50:01 +0100

User has to fill in another login screen.

-- 
Jacco Schalkwijk
SQL Server MVP
"Tibor Karaszi" <tibor_please.no.email_karaszi@hotmail.nomail.com> wrote in 
message news:ekYzQOUNFHA.2748@TK2MSFTNGP09.phx.gbl...
> Other disadvantaged with SQL Server logins:
>
> Yet another password to remember, write down, waiting to be stolen
> No enforcement to change password after x number of days
> No rules for password complexity
>
>
> -- 
> Tibor Karaszi, SQL Server MVP
> http://www.karaszi.com/sqlserver/default.asp
> http://www.solidqualitylearning.com/
> http://www.sqlug.se/
>
>
> "Jason Mauss" <jason.mauss@nospamgmail.com> wrote in message 
> news:e4YWPCUNFHA.3760@TK2MSFTNGP12.phx.gbl...
>> So the only reason I've heard of so far is that the password encryption 
>> is
>> less secure than Windows. That can't be the only reason...?
>>
>> Jason
>>
>> "Jacco Schalkwijk" <jacco.please.reply@to.newsgroups.mvps.org.invalid> 
>> wrote
>> in message news:OQDNVZKNFHA.1436@TK2MSFTNGP10.phx.gbl...
>>> The credentials when using SQL Server authentication are not passed as
>> clear
>>> text, but the encryption is not very strong either. If you capture the
>>> password in encrypted form, it is possible to decrypt it without
>> additional
>>> information (like a private key).
>>>
>>> -- 
>>> Jacco Schalkwijk
>>> SQL Server MVP
>>>
>>>
>>> "pdxJaxon" <GregoryAJackson@Hotmail.com> wrote in message
>>> news:%234$wwPKNFHA.1948@TK2MSFTNGP14.phx.gbl...
>>> > lots of reasons.
>>> >
>>> > One of the main things is that SQL credentials are passed clear text.
>>> >
>>> > yes you can use groups\roles etc
>>> >
>>> >
>>> > Greg Jackson
>>> > PDX, Oregon
>>> >
>>>
>>>
>>
>>
>
> 

• Next message: pdxJaxon: "Re: Dropping a uniwue clustered index HELP"
• Previous message: Tibor Karaszi: "Re: Why Windows Authentication?"
• In reply to: Tibor Karaszi: "Re: Why Windows Authentication?"
• Next in thread: Jason Mauss: "Re: Why Windows Authentication?"
• Reply: Jason Mauss: "Re: Why Windows Authentication?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Return Key (identity) on INSERT operation (SQL/ASP) ... hopefully he can expedite processing your full subscription. ... SQL Server MVP ... Columnist, SQL Server Professional ... Please reply to the newsgroup. ... (microsoft.public.inetserver.asp.general) Re: Return Key (identity) on INSERT operation (SQL/ASP) ... hopefully he can expedite processing your full subscription. ... SQL Server MVP ... Columnist, SQL Server Professional ... Please reply to the newsgroup. ... (microsoft.public.sqlserver.programming) Re: Profiling error message 208: sorting the wheat from the chaff ... Profile load to a file then load the> file to a table or have Proviler load to a table directly. ... > SQL Server MVP ... (microsoft.public.sqlserver.server) Re: Return Key (identity) on INSERT operation (SQL/ASP) ... SQL Server MVP ... Columnist, SQL Server Professional ... Please reply to the newsgroup. ... "Tom Moreau" wrote in message ... (microsoft.public.inetserver.asp.general) Re: Return Key (identity) on INSERT operation (SQL/ASP) ... SQL Server MVP ... Columnist, SQL Server Professional ... Please reply to the newsgroup. ... "Tom Moreau" wrote in message ... (microsoft.public.sqlserver.programming)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint