Hi guys, I'm very new to sql and MSSM 2008.
I have management studio 2008.
I made a program to read my database.
I enabled server authentication and made a strong PW for the 'sa' account. (why i enabled SA, beacuse I thought to remotely login from other networks off site, I needed this?, correct me if im wrong!)
I opened port on my router to allow myself to remotely login and see my database entries from any computer using a little program/tool I made.
When I logged in, it let me log in and see my database, even with the WRONG username and password!
Is there some sort of guest account enabled? I feel like this is a security risk! I don't want any computer or anyone being able to see what is in the database unless a password is matching a database user. Basically at this point, if they know my IP address, they can login and see what is in my tables. I haven't tried to update or insert records from the remote computer yet.
But the goal is to have remote access from other networks off site being able to ONLY see what is in the database by using a username/pw, WITHOUT being able to update/insert records or edit or delete anything.
Is there a way to manage all this inside MSSM? because I don't know any other way since im totally a newb at this point... Trying to learn all on my own.
Thank you so much