Printed 2017/08/23 07:45PM

Using the sa account -- Just say "NO!"


Aunt Kathi knows many of you do things you know are wrong, like rolling through stop signs, littering, and using the sa account in your connection strings. If you're lucky, you won't get caught at the stop sign and you probably don't participate in Alice's Restaurant scale littering. But using the sa account in connection strings and DSNs is an unforgivable offense.

But seriously, it's an unnecessary and very bad practice. Would you use let everyone in your company have the password to the Domain Admin account? Depending on the rights the SQL Server start up account has (future blog), that could essentially be what you are doing. I don't care if you say you are going to get things cleaned up after the software is all configured. I don't care if your vendor says you have to do it for the software to work. I don't care if that is what you have always done. Just don't do it! Cleaning up sa account use after it is established can be a lot of work. It took me two months to track down every instance of its use in one of my company's more complicated systems.

Here is what you should do:


Copyright © 2002-2017 Redgate. All Rights Reserved. Privacy Policy. Terms of Use. Report Abuse.