O'Reilly logo

Securing SQL Server: DBAs Defending the Database by Peter A. Carter

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

© Peter A. Carter 2016

Peter A. Carter, Securing SQL Server, 10.1007/978-1-4842-2265-2_8

8. Protecting Credentials

Peter A. Carter

(1)Botley, UK

Stealing the credentials of a security principal with the intent of elevating your allowed permissions is known as identity spoofing. There are various ways that an attacker may attempt to steal credentials. This chapter discusses some of those methods, as well as countermeasures that you can put in place to mitigate the risk.

Protecting the sa Account

Although it has long been best practice to use Windows authentication rather than mixed mode authentication, which allows authentication using both Windows authentication and SQL authentication, the majority of corporate instances (in my experience) are still ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required