http://www.sqlservercentral.com/Content tagged Security posted on SQLServerCentral.comen-us360sjones@sqlservercentral.com (Steve Jones)Application roles often interesting possibilities in theory. In practice? Brian explores how they work and some of the pros/cons you should consider before selecting them for use in your applications. http://www.sqlservercentral.com/articles/Security/sqlserversecurityprosandconsofapplicationroles/1116/2007/07/20http://www.sqlservercentral.com/articles/Security/sqlserversecurityprosandconsofapplicationroles/1116/http://www.sqlservercentral.com/questions/Security/62832/2008/05/15http://www.sqlservercentral.com/questions/Security/62832/i took the core from a script found in the site for generating permissions and update it. http://www.sqlservercentral.com/scripts/Security/62477/2008/05/06http://www.sqlservercentral.com/scripts/Security/62477/ SQL Server source code analysis and management add database security by debugging and testing SQL applications. Learn about SQL source code analysis.http://www.sqlservercentral.com/redirect/articles/62905/2008/05/06http://www.sqlservercentral.com/redirect/articles/62905/Free SQL Server 2000 Encryption for your data!!! Author Michael Coles has put together a tolljit and some XPs that you can use to encrypt your data with the Blowfish algorithm. It is hard to write good applications that encrpyt data and manage the keys and security. This will give you a great headstart on protecting your data. http://www.sqlservercentral.com/articles/Security/freeencryption/1980/2008/04/25http://www.sqlservercentral.com/articles/Security/freeencryption/1980/Gaining insight into my SQL Server standard and Windows logins has historically been a challenge in terms of determining password changes, failed login attempts, etc. I have noticed that you have experienced the same issue with your tip entitled 'When was the last time the SQL Server sa password changed' and I have noticed some information in the forums on the topic as well. http://www.sqlservercentral.com/redirect/articles/62838/2008/04/21http://www.sqlservercentral.com/redirect/articles/62838/Enhanced sp_help_revloginhttp://www.sqlservercentral.com/scripts/Security/62261/2008/04/09http://www.sqlservercentral.com/scripts/Security/62261/Converts a binary SID to string format.http://www.sqlservercentral.com/scripts/SID/62274/2008/04/02http://www.sqlservercentral.com/scripts/SID/62274/Make backup several databases with a cursorhttp://www.sqlservercentral.com/scripts/Backup/61888/2008/03/27http://www.sqlservercentral.com/scripts/Backup/61888/http://www.sqlservercentral.com/questions/Security/62256/2008/03/26http://www.sqlservercentral.com/questions/Security/62256/http://www.sqlservercentral.com/questions/Security/62376/2008/03/24http://www.sqlservercentral.com/questions/Security/62376/Looking at this from a confidentiality, integrity and availability perspective – the essence of security and compliance – there are quite a few new selling points.http://www.sqlservercentral.com/redirect/articles/62548/2008/03/24http://www.sqlservercentral.com/redirect/articles/62548/SQL injection has been a hot topic the last couple years and there are some great articles at SQLServerCentral.com on this topic. Michael Coles brings us an updated look at this SQL Server security issue with some new examples you might not have previously thought. http://www.sqlservercentral.com/articles/Security/updatedsqlinjection/2065/2008/03/21http://www.sqlservercentral.com/articles/Security/updatedsqlinjection/2065/http://www.sqlservercentral.com/questions/Security/62254/2008/03/19http://www.sqlservercentral.com/questions/Security/62254/This script will list user permissions for database objects.http://www.sqlservercentral.com/scripts/Security/62064/2008/03/19http://www.sqlservercentral.com/scripts/Security/62064/http://www.sqlservercentral.com/questions/Security/62240/2008/03/11http://www.sqlservercentral.com/questions/Security/62240/http://www.sqlservercentral.com/questions/Security/62257/2008/03/10http://www.sqlservercentral.com/questions/Security/62257/You have all read about why object qualification is important. You also must have heard of why stored Proc should not have sp_ as prefix to the name. Now let us proove if this is all true.http://www.sqlservercentral.com/articles/T-SQL/62061/2008/03/10http://www.sqlservercentral.com/articles/T-SQL/62061/Although a few different options (Management Studio, system stored procedures, system views, custom scripts, etc.) exist to determine your permissions in SQL Server, in this tip we want to outline the functionality from the fn_my_permissions table valued function. http://www.sqlservercentral.com/redirect/articles/62439/2008/03/10http://www.sqlservercentral.com/redirect/articles/62439/http://www.sqlservercentral.com/questions/Security/62253/2008/03/05http://www.sqlservercentral.com/questions/Security/62253/Script one or all roles in a database. Includes users, obect permissions and column permissions.http://www.sqlservercentral.com/scripts/SQL+2000/61878/2008/02/20http://www.sqlservercentral.com/scripts/SQL+2000/61878/This script will produce the server login/role and db user/role in all databases in the server.It is best advised that you first delete/recreate orphaned users for best resultshttp://www.sqlservercentral.com/scripts/Security/61595/2008/01/25http://www.sqlservercentral.com/scripts/Security/61595/An upgrade to the Best Practices Analyzer from Microsoft is now available. Here's a blog post from the SQL CAT team.http://www.sqlservercentral.com/redirect/articles/62020/2008/01/21http://www.sqlservercentral.com/redirect/articles/62020/Longtime SQL Server guru David Poole brings us a look at one of the thorny problems a DBA faces: tracking down illicit users.http://www.sqlservercentral.com/articles/Security/61678/2008/01/15http://www.sqlservercentral.com/articles/Security/61678/Part 2 of this article discusses how to hack/de-cipher the data that has been encrypted by passphrase.http://www.sqlservercentral.com/redirect/articles/61831/2008/01/10http://www.sqlservercentral.com/redirect/articles/61831/ Learn how using basic SQL Server security practices of least privilege, delegated administration and separation of duties will protect SQL Server databases.http://www.sqlservercentral.com/redirect/articles/61838/2008/01/09http://www.sqlservercentral.com/redirect/articles/61838/SQL Server 2005 provides four methods of encryption. Part one of this article covers encryption and decryption by passphrase.http://www.sqlservercentral.com/redirect/articles/61830/2008/01/07http://www.sqlservercentral.com/redirect/articles/61830/Grant permits execution to all user on all sp and functionshttp://www.sqlservercentral.com/scripts/Security/61408/2008/01/04http://www.sqlservercentral.com/scripts/Security/61408/Greg Larsen discusses the different options available within SQL Server 2005 for managing security.http://www.sqlservercentral.com/redirect/articles/61730/2008/01/01http://www.sqlservercentral.com/redirect/articles/61730/How anonymous are your ratings and other opinions on the Internet? Not as much as you might think.http://www.sqlservercentral.com/articles/Editorial/61779/2007/12/27http://www.sqlservercentral.com/articles/Editorial/61779/