I tend to agree with this article!
This is also a good approach for databases that were not designed "correctly" and have left the gates wide open. It is far easier and cost effective (after the fact) to provide application level security through one login/encrypted password per app (and thereby lock down all users) than it would be to rewrite everything to use stps and views.
I also tend to think it is faster to develop in the first place using dynamic SQL. However, if a company were to pay to have a full time db admin around to setup and manage everything, the other way would not be too bad.
Thanks for the article.
-Rob Hajicek
SevenStar Technologies