Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
Log in  ::  Register  ::  Not logged in

Content with tags T-SQL, Security Rss

<< Newer    Items 21 to 34 of 34   

Stop SQL Injection Attacks Before They Stop You

A new article from MSDN magazine on stopping SQL Injection attacks by examining how the SQL can be exploited. It's a good basic article for developers as well as DBAs who might have to review code.  Read more...
By Additional Articles 2004/08/20 | Source: MSDN Communities | Category: security
Rating:  Rate this |   Briefcase | 2,415 reads

Save Your Password

Storing passwords in SQL Server for authentication by your application is a common practice. But not always a good one. Someone with access could easily see all passwords and perhaps cause mischief inside your application. Imagine the office gossip getting access to your HR application as the HR director! Not a good thing. Dinesh Asanka has written a short piece on how you can use a built in function in SQL Server to encrypt these passwords and use them with a minimum of effort.   Read more...
By Dinesh Asanka 2004/07/12 | Source: | Category: security
Rating: |  Discuss |   Briefcase | 13,147 reads

How to Make Sure You Have Good Passwords

As Robin points out there is no built in way to make sure users have strong passwords when using SQL authentication. There are a couple changes you can make (with appropriate warnings!) that will allow you to do this. Read on to find out why and how.   Read more...
By Robin Back 2004/03/02 | Source: | Category: security
Rating: |  Discuss |   Briefcase | 6,626 reads

SQL Injection!

Do your developers really understand how to prevent injection attacks? Or scarier still, how many know what an injection attack is? Chris has some great examples of how sql injection works and how to prevent it.   Read more...
By Christoffer Hedgate 2004/02/02 | Source: | Category: security
Rating: |  Discuss |   Briefcase | 16,715 reads

Dynamic SQL or Stored Procedure

We've had a lot of coverage of dynamic sql (including another great one from Robert Marda later this week) but this one is a little different. Done in a question/answer format, Andy tries to explain to junior developers why dynamic sql is to be avoided, how to do so, what to do when you can't.   Read more...
By Andy Warren 2005/08/26 (first published: 2003/04/23) | Source: | Category: performance tuning
Rating: |  Discuss |   Briefcase | 47,252 reads

Review of SQL 2000 Fast Answers

A monster book at 980 pages, it's written in 'how-to' format and has a ton of good material. Andy gave it the once over for us and reports back - see what he thinks!   Read more...
By Andy Warren 2003/04/18 | Source: | Category: installation
Rating: |  Discuss |   Briefcase | 18,205 reads

Logins, Users, and Roles - Getting Started

Do you know the difference between a login and a user? What's the best way to add them; Enterprise Manager, T-SQL, or SQL-DMO? In this beginner level article Andy demonstrates how to use all three methods to add logins and users and offers his view of which is the best technique.   Read more...
By Andy Warren 2005/09/30 (first published: 2003/02/19) | Source: | Category: administration
Rating: |  Discuss |   Briefcase | 35,274 reads

The Case for SQL Logins - Part Two

In this follow up to one of our most popular articles, Andy responds to comments posted by readers and discusses how to manage SQL logins effectively in your applications.   Read more...
By Andy Warren 2002/08/19 | Source: | Category: administration
Rating: |  Discuss |   Briefcase | 6,773 reads

Review of SQL Server 2000 Programming (MSPress)

Andy sits down with an entry level book to see if he should use it at work as a teaching aid. Did he like it? Should you buy it? Read the review now!   Read more...
By Andy Warren 2002/06/04 | Source: | Category: installation
Rating: (not yet rated) |  Discuss |   Briefcase | 6,398 reads

Auditing Your SQL Server Environment Part II Auditing Your SQL Server

In this article by Randy Dyess he shares with you the script on how he audits his environment and outputs reports of the permissions that users have.  Read more...
By Randy Dyess 2002/05/30 | Source: | Category: security
Rating: |  Discuss |   Briefcase | 9,538 reads

Auditing Your SQL Server Environment Part I

Ever been placed into a new environment and couldn't find an ounce of documentation? This article is the first in a series that will help you make an audit of your new environment and determine if any SQL Server login does not have a password, has a password the same as the login name or a password that is only one character long.  Read more...
By Randy Dyess 2002/04/02 | Source: | Category: security
Rating: |  Discuss |   Briefcase | 10,371 reads

Dynamic SQL vs. Static SQL Part 1 - Security

Sooner or later everyone who works with SQL Server hears that it is better to avoid dynamic SQL at all cost. Dynamic SQL will force you to give out more permissions than static SQL. This article by Robert Marda shows you some of the security issues with dynamic SQL.   Read more...
By Robert Marda 2002/02/27 | Source: | Category: security
Rating: |  Discuss |   Briefcase | 11,330 reads

Using Java to Encrypt Passwords

Lots of applications store user names and passwords in the database. This article presents a method for encypting this information using Java.   Read more...
By Les Smith 2001/07/19 | Source: | Category: security
Rating: |  Discuss |   Briefcase | 13,398 reads

Encrypting Data With the Encrypt Function

One of the major problems in the database field is when people store sensitive data unencrypted into SQL Server. This article shows you one of the most basic ways to encrypt data to the casual viewer.   Read more...
By Brian Knight 2006/05/29 (first published: 2001/07/17) | Source: | Category: security
Rating: |  Discuss |   Briefcase | 33,003 reads
<< Newer    Items 21 to 34 of 34   
sql server 7 (13)    
miscellaneous (7)    
administration (6)    
advanced querying (5)    
stored procedures (5)    
encryption (4)    
programming (4)    
configuring (3)    
performance tuning (3)    
strategies (3)    
backup / restore (2)    
dts (2)    
indexing (2)    
installation (2)    
monitoring (2)    
permissions (2)    
triggers (2)    
user (2)    
user defined function (udf) (2)    
.net (1)    
administrator (1)    
bcp (bulk copy program) (1)    
databases (1)    
distributed queries (1)    
english query (1)    
execute as (1)    
extended stored procedures (1)    
grant (1)    
grantee (1)    
grantor (1)    
guest user (1)    
hashbytes (1)    
hexadecimal (1)    
list (1)    
login (1)    
logins (1)    
openxml (1)    
permission (1)    
public (1)    
replication (1)    
reporting services (ssrs) (1)    
revert (1)    
role (1)    
script (1)    
scripting (1)    
sp_msforeachdb (1)    
sql puzzles (1)    
sql server 2005 (1)    
sql server 2008 (1)    
sql server 6.5 (1)    
sql-dmo (1)    
type (1)    
updategrams (1)    
xml (1)    
xsl (1)