Authenticating Logins

  • Morris Lewis


Login security is the first step in securing a server. The basic premise is that an attacker cannot hurt what he cannot see; therefore, you will spend a lot of time ensuring unauthorized users never log into SQL Server successfully. It may seem as though authenticating logins should be a straightforward process of comparing account names and passwords to a list of authorized users but, in fact, it is a little more complicated than that. If the network were perfectly secure from protocol analyzers and other network packet capture tools, you could ignore how accounts and passwords are exchanged between a client and SQL Server. If everyone were honest and trustworthy, you would not need to verify a user’s identity before she could access data. If there were no secrets, you would not need to hide sensitive or private data from prying eyes. Because none of these conditions exist, you need to prevent passwords from being stolen, identities from being impersonated, and data from being seen by the wrong people.


Authentication Process Domain Name System Login Request Secure Socket Layer Dictionary Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Morris Lewis 2004

Authors and Affiliations

  • Morris Lewis

There are no affiliations available

Personalised recommendations