2004-03-03
2,122 reads
Security
How to Make Sure You Have Good Passwords
As Robin points out there is no built in way to make sure users have strong passwords when using SQL authentication. There are a couple changes you can make (with appropriate warnings!) that will allow you to do this. Read on to find out why and how.
2004-03-02
6,670 reads
2004-02-27
1,756 reads
SQL Injection - Part 1
Randy says that the biggest reason we have so many injection vulnerabilities is that all the asp books use inline sql for their examples! We STILL encounter developers who don't understand injection. Read and pass on to your dev team.
2004-02-24
15,776 reads
SQL Server 2000 Best Practices Analyzer Beta
Microsoft has released a new tool to analyzer your SQL Servers and see how they conform to their list of common best practices. Give it a try and let us know what you think.
2004-02-10
3,515 reads
SQL Injection!
Do your developers really understand how to prevent injection attacks? Or scarier still, how many know what an injection attack is? Chris has some great examples of how sql injection works and how to prevent it.
2004-02-02
17,562 reads
Permissions on System Tables Granted to Logins Due to the Public Role
Many of you know that Brian Kelley is our resident security guy. If you didn't, this might prove it! There is a ton of information in this 63 page document worth reading. Let us know what you think.
2004-01-21
774 reads
RC4 Encryption in a Stored Procedure
Joseph gathered together some various bits of code and came up with a solution that lets you do RC4 encryption via the sp_oa~ procedures.
2004-01-09
9,033 reads
TSQL Virus or Bomb?
Joseph discusses some common and not so common security threats including the possibility of a TSQL virus and bombs planted from within the organization.
2003-12-29
5,829 reads
2003-12-17
2,256 reads
Blogs
Learn Better: Pause to Review More
By Brian Kelley
If you want to learn better, pause more in your learning to intentionally review.
Azure SQL Managed Instance Next-Gen: Bring on the IOPS
By John
If you’ve used Azure SQL Managed Instance General Purpose, you know the drill: to...
SQL, MDX, DAX – the languages of data
By DataOnWheels
Ramblings of a retired data architect Let me start by saying that I have...
Forums
Faster Data Engineering with Python Notebooks: The Fabric Modern Data Platform
Comments posted to this topic are about the item Faster Data Engineering with Python...
Which Result II
Comments posted to this topic are about the item Which Result II
JSON Has a Cost
Comments posted to this topic are about the item JSON Has a Cost, which...
Question of the Day
Which Result II
I have this code in SQL Server 2022:
CREATE SCHEMA etl;
GO
CREATE TABLE etl.product
(
ProductID INT,
ProductName VARCHAR(100)
);
GO
INSERT etl.product
VALUES
(2, 'Bee AI Wearable');
GO
CREATE TABLE dbo.product
(
ProductID INT,
ProductName VARCHAR(100)
);
GO
INSERT dbo.product
VALUES
(1, 'Spiral College-ruled Notebook');
GO
CREATE OR ALTER PROCEDURE etl.GettheProduct
AS
BEGIN
exec('SELECT ProductName FROM product;')
END;
GO
When I execute this code as a user whose default schema is dbo and has rights to the tables and proc, what is returned? See possible answers