An Overview of SQL Server's Security Model

SQL Server's security model comprises the following components:

  • SQL Server login

  • Database user

  • guest user

  • Permissions

  • Roles

SQL Server Login

The SQL Server login model supports two security modes:

  • Windows Authentication

  • SQL Server and Windows (Mixed Mode)


By default, the sa account is not password protected! After installing SQL Server, I recommend immediately changing the sa password.

Windows Authentication

Windows Authentication takes advantage of Windows 2000 user security and account mechanisms. This security mode allows SQL Server to share the username and password used for Windows 2000 and allows the user to bypass the SQL Server login process. Users with a valid Windows 2000 account can log ...

Get Microsoft® SQL Server™ 2000 DBA Survival Guide, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.