Peter A. CarterSecuring SQL Serverhttps://doi.org/10.1007/978-1-4842-4161-5_8

8. Protecting Credentials

Peter A. Carter¹

(1)

London, UK

Stealing the credentials of a security principal, with the intent of elevating your allowed permissions, is known as identity spoofing. There are various ways that an attacker may attempt to steal credentials. This chapter will discuss some of those methods, as well as countermeasures that you can put in place to mitigate the risk.

Protecting the sa Account

Although it has long been best practice to use Windows Authentication, as opposed to Mixed Mode Authentication, which allows authentication using both Windows Authentication and SQL Authentication, the majority of corporate instances (in my ...

Get Securing SQL Server: DBAs Defending the Database now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Securing SQL Server: DBAs Defending the Database by Peter A. Carter

8. Protecting Credentials

Protecting the sa Account

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly