While working on the new edition of our book for after RTM, I've been looking around for security features that I missed or that didn't exist when we wrote it (May 2004 and before). Here's one:
In SQL Server 2005, you can DISABLE a LOGIN by using ALTER LOGIN. You can also change the name of any LOGIN (including 'sa'), making things more like Windows security. You would change the name of the sa account to give hackers one more item to guess. Here's how.
ALTER LOGIN sa WITH NAME = fred
go
— fred (sa) on vacation
ALTER LOGIN fred DISABLE
go
— When the sa returns from vacation
ALTER LOGIN fred ENABLE
go
2 thoughts on “Security in SQL Server 2005 – Logins”
what account do you use for the enable?
An integrated security admin account.
Comments are closed.