Re: Internet password attacks

• Previous message: Dejan Sarka: "Re: User security"
• Next in thread: Hal Berenson: "Re: Internet password attacks"
• Maybe reply: Hal Berenson: "Re: Internet password attacks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 31 Aug 2005 15:07:01 -0600

I'm not currently an MVP, but I was the General Manager of the SQL Server
group. And I made the decisions on what security enhancements went into SQL
Server 2000. So while I can't speak for Microsoft, and I can provide both
historical perspective and decent analysis of why Microsoft does things.

-- 
Hal Berenson, President
PredictableIT, LLC
"FloMister" <FloMister@discussions.microsoft.com> wrote in message 
news:72AA5F92-5276-4B97-A3F1-2827338DA22F@microsoft.com...
> I've been programming for 20+ years and to me there are a number of
> inexpensive solutions to this problem that Microsoft could deploy, but 
> they
> have delibertly choosen not to for whatever motive.  The fact that no
> Micrsoft MVP has responded to this post as I have seen in most other 
> posts,
> further backs this opinion.
>
> Is there a Microsft MVP out there willing to touch this issue?
>
> "Ross Presser" wrote:
>
>> On Mon, 29 Aug 2005 08:22:51 -0400, Russell Stevens wrote:
>>
>> > <<Allow the SA account to be renamed in a service pack?  You are mad>>
>> >
>> > No - the SP doesn't rename it, it gives the SQL admin the ability to 
>> > change
>> > it. If he has apps that use it, then he can fix them first or leave as 
>> > is.
>>
>> There are many many parts *internal* to SQL server that depend on the sa
>> account being named sa.  A service pack that changes them all to tolerate 
>> a
>> renamed sa account is a dangerous thing to do.
>> 

• Previous message: Dejan Sarka: "Re: User security"
• Next in thread: Hal Berenson: "Re: Internet password attacks"
• Maybe reply: Hal Berenson: "Re: Internet password attacks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]