• Michael Valentine Jones (7/31/2014)


    The last vendor I had to deal with had an application that required the use of a specific SA password to connect to the database on a specifically named (non-default) instance. Having an application use a hard-coded SA password is really bad security, but it's just some medical application, so no big deal. :crying:

    ...

    Another vendor application (for a building security system) required the use of a blank SA password, so I guess it can always get worse.

    That's when you rename the sa login to something which sounds useless, disable it and create a new login called 'sa' with just the permissions you want it to have.

    Want sa? Sure, just gimme a couple minutes...

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass
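
The approach described in the reply above, sketched in T-SQL as an added example that is not part of the original posts. The names `zz_unused_01`, `VendorAppDb` and `vendor_app_user`, the granted roles, and the password placeholder are assumptions for illustration.

```sql
-- Added example: replace the built-in sa with a low-privilege login of the same name.
-- Run as a sysadmin login other than sa, so you do not lock yourself out.

USE master;
GO

-- 1. Rename the real sa (it keeps SID 0x01 and sysadmin), then disable it.
ALTER LOGIN sa WITH NAME = [zz_unused_01];       -- hypothetical name
ALTER LOGIN [zz_unused_01] DISABLE;
GO

-- 2. Create a new, ordinary SQL login that happens to be called 'sa'.
--    It is a member of no server role except public.
CREATE LOGIN sa
    WITH PASSWORD = N'<password-the-vendor-app-expects>',  -- placeholder
         CHECK_POLICY = ON,
         DEFAULT_DATABASE = [VendorAppDb];       -- hypothetical database
GO

-- 3. Map it into the application database with only the rights the app needs.
USE [VendorAppDb];
GO
CREATE USER vendor_app_user FOR LOGIN sa;        -- hypothetical user name
ALTER ROLE db_datareader ADD MEMBER vendor_app_user;
ALTER ROLE db_datawriter ADD MEMBER vendor_app_user;
GO

-- 4. Verify: the principal with SID 0x01 is the renamed, disabled login,
--    and the login now named 'sa' is not a sysadmin.
SELECT name, is_disabled
FROM sys.server_principals
WHERE sid = 0x01;                                -- expect zz_unused_01, 1

SELECT IS_SRVROLEMEMBER('sysadmin', 'sa') AS new_sa_is_sysadmin;  -- expect 0
GO
```

Auditing by SID rather than by name is what keeps this from confusing later reviews: the original account is always the principal with SID `0x01`, whatever it is called.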