An Overview of SQL Server's Security Model

SQL Server's security model comprises the following components:

  • SQL Server login

  • Database user

  • guest user

  • Permissions

  • Roles

SQL Server Login

The SQL Server login model supports two security modes:

  • Windows Authentication

  • SQL Server and Windows (Mixed Mode)


By default, the sa account is not password protected! After installing SQL Server, I recommend immediately changing the sa password.

Windows Authentication

Windows Authentication takes advantage of Windows 2000 user security and account mechanisms. This security mode allows SQL Server to share the username and password used for Windows 2000 and allows the user to bypass the SQL Server login process. Users with a valid Windows 2000 account can log ...

Get Microsoft® SQL Server™ 2000 DBA Survival Guide, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.