Hi everyone, hopes everyone has a great weekend and is hitting the ground running in week 5!
What is the difference between a Windows Authentication and a SQL Server Authentication?
o
Differences would be that the user gains access to the database after logging in with their windows login credentials using the Windows Authentication method, and no extra credentials are needed. Where with the SQL version of authentication the user first logs into the device, then provides a second set of credentials which must match what is stored in the database server
(Basta & Zgola, 2011)
.
How does SQL Server perform authentication when a user connects from a nontrusted connection with a specified logon name and password?
o
The SQL server performs its authentication with the credentials that are stored within its own database as verification that the username that was provided matches what is saved in the database, along with the password. This way the database allows access to correct individuals that are already in the database and keeps those who’ve might’ve found the database off it
(Basta & Zgola, 2011)
.
Why is it not advisable to enable the SA account in SQL Server?
o
The SA stands for ‘System Administrator ‘account and aside from being the account that has every permission enabled but holds the right to also grant any action within the database. It should’ve be enabled since by default it does not have a password set for it, in the event it was enabled without setting the password it will allow whoever has control of the account to perform any action
in the database
(Basta & Zgola, 2011)
. -Alex
Basta, A., & Zgola, M. (2011). Database Security. Cengage Limited.
https://online.vitalsource.com/books/9781305328495
