Security

SQLServerCentral Article

Can We Please Stop Sending Passwords Over the Wire?

  • Article

While analyzing SQL Server's network protocol, I came across a weird fact: when a database client logs in using SQL Server authentication (as opposed to Windows authentication), it has to send the user's password to the server, in blatant violation of common security guidelines. At first, I couldn't believe it; SQL Server generally does an […]

(8)

You rated this post out of 5. Change rating

2022-03-02

5,633 reads

SQLServerCentral Article

Query control made easy

  • Article

Overview As we all know, data security is a never-ending battle. Every day, we hear of new data breaches. It's a hard problem, and there is no single solution, other than a defense in depth. Let's look at one of those defenses for databases: query control. Query control is a simple idea: most applications access […]

(4)

You rated this post out of 5. Change rating

2022-01-07

4,044 reads

SQLServerCentral Article

How to (Somewhat) Increase SQL Server Security

  • Article

Problem Some time ago Argenis Fernandez(@DBArgenis) found and described a vulnerability that allows you to get into SQL Server with 'sa' rights. This method does not require a restart of the SQL Server service or the whole machine, the condition is a local administrator account on the server. Reminder SQL Server until 2008R2: Until SQL 2008R2, […]

(6)

You rated this post out of 5. Change rating

2022-01-03

8,468 reads

Blogs

Automatic Index Compaction

By

Index maintenance has always meant nightly jobs and a window you have to defend....

Monday Monitor Tips: Virtual Machine Usage and Cost

By

One of the things I’ve been requesting for a number of years is cost...

Advice I Like: Respect

By

“Don’t aim to have others like you; aim to have them respect you.” –...

Read the latest Blogs

Forums

SQL Art, Part 4: Happy 4th of July — A British DBA's Guide to Celebrating a War We Don't Talk About

By Terry Jago

Comments posted to this topic are about the item SQL Art, Part 4: Happy...

SQL Server Still Wins

By Steve Jones - SSC Editor

Comments posted to this topic are about the item SQL Server Still Wins

DBCC CHECKDB Limits I

By Steve Jones - SSC Editor

Comments posted to this topic are about the item DBCC CHECKDB Limits I

Visit the forum

Question of the Day

DBCC CHECKDB Limits I

When running DBCC CHECKDB on SQL Server 2025, can I include the Resource Database?

See possible answers