Secure direct access to SQL Server?

Discussion in 'Databases' started by paul wragg, Jun 8, 2005.

Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.
  1. paul wragg

    paul wragg

    I want to be able to directly (from a VB.netapplication running on my own PC) access my DASP SQL database in a secure fashion. That is, I don't want my SQL username/password to be interceptible or (slightly less importantly) the data itself coming from SQL.

    Any useful pointers on how to do this in this environment would be appreciated.

    Paul.
     
    paul wragg, Jun 8, 2005
    #1
  2. Bruce

    Bruce DiscountASP.NET Staff

    Bruce, Jun 8, 2005
    #2
  3. paul wragg

    paul wragg

    No, I know for a fact that it isn't encrypted by default.
    Following is from MSDN

    Passing credentials over the network


    When you connect to SQL Server with SQL authentication, the user name and password are sent across the network in clear text. This can represent a significant security concern.


    ....


    If you are using SQL authentication, you should also secure the communication link to ensure that user names and passwords can not be compromised with network monitoring software.
     
    paul wragg, Jun 8, 2005
    #3
  4. Bruce

    Bruce DiscountASP.NET Staff

    I did some research and you are correct.

    but unfortunately, there is nothing we can do in the near term to make this secure.

    I'll reflect that to our DBA

    Bruce

    DiscountASP.NET
    www.DiscountASP.NET
     
    Bruce, Jun 10, 2005
    #4
Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.

Share This Page