Books Online recommends not using the Reporting Services Execution Account as the login to connect to data sources. However, it is much more convenient to define a data source this way, since you do not have to enter the user name and password when you setup a data source. I was wondering if anyone is aware of any security problems or other serious problems from doing this?
From SQL Server 2008 Books Online
“The unattended report processing account is used primarily to connect to external servers, and not as a login to database servers. If you want to use the account credentials to log in to a database, you must specify credentials in the connection string. You can specify Integrated Security=SSPI if the database server supports Windows integrated security and the account used for unattended report processing has permission to read the database. Otherwise, you must enter the user name and password in the connection string, where it appears in clear text to any user who has permission to edit data source connection properties.
Although you are not prevented from using the unattended report processing account to retrieve data after the connection is made, doing so is not recommended. The account is supposed to be used for very specific functions. If you use it to retrieve data, you undermine the purpose for which it is intended.”