Are SQL Server userid's and passwords passed in clear on the network?

A. If you use multi-protocol net-lib with encryption then SQL standard security userids/passwords are encrypted along with the data.

When using an NT userid/trusted connection then passwords are not passed at all - the sids are used as in all NT credential checks.

If you are using SQL 7.0 client drivers talking to a 7.0 server then the SQL standard security userid/password is encrypted regardless of net-lib.

In any other case then the SQL standard security userid/password is sent in clear.


Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish