Fair point Bozo. Assuming some sort of diligence forcing someone to log in to the network does present a degree of security. If you use the keymaster concept, no one really has the sql login though, so it's really down to someone hacking the login/password, or the keymaster table! Long passwords are still tough to crack - see the review Steve Jones recently posted, and require access to the sysxlogins table to get the value to test against anyway.
Bill, trusts are interesting. Afraid I know more theory than practice on that one, never really had to develop in that environment. Duplicating username/pwd truly horrible, what a pain to have to keep up with that!